- Resource: DatabaseInstance
- SqlInstanceState
- Settings
- SqlAvailabilityType
- SqlPricingPlan
- SqlReplicationType
- SqlActivationPolicy
- IpConfiguration
- AclEntry
- SslMode
- PscConfig
- CaMode
- LocationPreference
- DatabaseFlags
- SqlDataDiskType
- MaintenanceWindow
- SqlUpdateTrack
- BackupConfiguration
- BackupRetentionSettings
- RetentionUnit
- TransactionalLogStorageState
- SqlActiveDirectoryConfig
- DenyMaintenancePeriod
- InsightsConfig
- PasswordValidationPolicy
- Complexity
- SqlServerAuditConfig
- Edition
- ConnectorEnforcement
- AdvancedMachineFeatures
- DataCacheConfig
- ConnectionPoolConfig
- ConnectionPoolFlags
- IpMapping
- SqlIpAddressType
- SqlInstanceType
- OnPremisesConfiguration
- InstanceReference
- ReplicaConfiguration
- MySqlReplicaConfiguration
- SqlBackendType
- SqlSuspensionReason
- SqlScheduledMaintenance
- SqlOutOfDiskReport
- SqlOutOfDiskState
- AvailableDatabaseVersion
- SqlNetworkArchitecture
- ReplicationCluster
- GeminiInstanceConfig
- DnsNameMapping
- ConnectionType
- DnsScope
Resource: DatabaseInstance
A Cloud SQL instance resource.
| JSON representation | 
|---|
| { "kind": string, "state": enum ( | 
| Fields | |
|---|---|
| kind | 
 This is always  | 
| state | 
 The current serving state of the Cloud SQL instance. | 
| databaseVersion | 
 The database engine type and version. The  | 
| settings | 
 The user settings. | 
| etag | 
 This field is deprecated and will be removed from a future version of the API. Use the  | 
| failoverReplica | 
 The name and status of the failover replica. | 
| failoverReplica.name | 
 The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID. | 
| failoverReplica.available | 
 The availability status of the failover replica. A false status indicates that the failover replica is out of sync. The primary instance can only failover to the failover replica when the status is true. | 
| masterInstanceName | 
 The name of the instance which will act as primary in the replication setup. | 
| replicaNames[] | 
 The replicas of the instance. | 
| maxDiskSize | 
 The maximum disk size of the instance in bytes. | 
| currentDiskSize | 
 The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see this announcement for details. | 
| ipAddresses[] | 
 The assigned IP addresses for the instance. | 
| serverCaCert | 
 SSL configuration. | 
| instanceType | 
 The instance type. | 
| project | 
 The project ID of the project containing the Cloud SQL instance. The Google apps domain is prefixed if applicable. | 
| ipv6Address | 
 The IPv6 address assigned to the instance. (Deprecated) This property was applicable only to First Generation instances. | 
| serviceAccountEmailAddress | 
 The service account email address assigned to the instance.\This property is read-only. | 
| onPremisesConfiguration | 
 Configuration specific to on-premises instances. | 
| replicaConfiguration | 
 Configuration specific to failover replicas and read replicas. | 
| backendType | 
 The backend type.  This property is read-only; use the  | 
| selfLink | 
 The URI of this resource. | 
| suspensionReason[] | 
 If the instance state is SUSPENDED, the reason for the suspension. | 
| connectionName | 
 Connection name of the Cloud SQL instance used in connection strings. | 
| name | 
 Name of the Cloud SQL instance. This does not include the project ID. | 
| region | 
 The geographical region. Can be: *  Defaults to  | 
| gceZone | 
 The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone. WARNING: Changing this might restart the instance. | 
| secondaryGceZone | 
 The Compute Engine zone that the failover instance is currently serving from for a regional instance. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary/failover zone. | 
| diskEncryptionConfiguration | 
 Disk encryption configuration specific to an instance. | 
| diskEncryptionStatus | 
 Disk encryption status specific to an instance. | 
| rootPassword | 
 Initial root password. Use only on creation. You must set root passwords before you can connect to PostgreSQL instances. | 
| scheduledMaintenance | 
 The start time of any upcoming scheduled maintenance for this instance. | 
| satisfiesPzs | 
 This status indicates whether the instance satisfies PZS. The status is reserved for future use. | 
| databaseInstalledVersion | 
 Output only. Stores the current database version running on the instance including minor version such as  | 
| createTime | 
 Output only. The time when the instance was created in RFC 3339 format, for example  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples:  | 
| availableMaintenanceVersions[] | 
 Output only. instances.list all maintenance versions applicable on the instance | 
| maintenanceVersion | 
 The current software version on the instance. | 
| upgradableDatabaseVersions[] | 
 Output only. All database versions that are available for upgrade. | 
| replicationCluster | 
 Optional. A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Applicable to MySQL and PostgreSQL. | 
| satisfiesPzi | 
 Output only. This status indicates whether the instance satisfies PZI. The status is reserved for future use. | 
| nodes[] | 
 Output only. Entries containing information about each read pool node of the read pool. | 
| dnsNames[] | 
 Output only. The list of DNS names used by this instance. | 
| outOfDiskReport | 
 This field represents the report generated by the proactive database wellness job for OutOfDisk issues. * Writers: * the proactive database wellness job for OOD. * Readers: * the proactive database wellness job | 
| sqlNetworkArchitecture | 
 | 
| pscServiceAttachmentLink | 
 Output only. The link to service attachment of PSC instance. | 
| dnsName | 
 Output only. The dns name of the instance. | 
| primaryDnsName | 
 Output only. DEPRECATED: please use writeEndpoint instead. | 
| write | 
 Output only. The dns name of the primary instance in a replication group. | 
| geminiConfig | 
 Gemini instance configuration. | 
| switchTransactionLogsToCloudStorageEnabled | 
 Input only. Whether Cloud SQL is enabled to switch storing point-in-time recovery log files from a data disk to Cloud Storage. | 
| nodeCount | 
 The number of read pool nodes in a read pool. | 
SqlInstanceState
The current serving state of the database instance.
| Enums | |
|---|---|
| SQL_INSTANCE_STATE_UNSPECIFIED | The state of the instance is unknown. | 
| RUNNABLE | The instance is running, or has been stopped by owner. | 
| SUSPENDED | The instance is not available, for example due to problems with billing. | 
| PENDING_DELETE | The instance is being deleted. | 
| PENDING_CREATE | The instance is being created. | 
| MAINTENANCE | The instance is down for maintenance. | 
| FAILED | The creation of the instance failed or a fatal error occurred during maintenance. | 
| ONLINE_MAINTENANCE | Deprecated | 
| REPAIRING | (Applicable to read pool nodes only.) The read pool node needs to be repaired. The database might be unavailable. | 
Settings
Database instance settings.
| JSON representation | 
|---|
| { "settingsVersion": string, "authorizedGaeApplications": [ string ], "tier": string, "kind": string, "userLabels": { string: string, ... }, "availabilityType": enum ( | 
| Fields | |
|---|---|
| settingsVersion | 
 The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value. | 
| authorizedGaeApplications[] | 
 The App Engine app IDs that can access this instance. (Deprecated) Applied to First Generation instances only. | 
| tier | 
 The tier (or machine type) for this instance, for example  | 
| kind | 
 This is always  | 
| userLabels | 
 User-provided labels, represented as a dictionary where each label is a single key value pair. An object containing a list of  | 
| availabilityType | 
 Availability type. Potential values: *  For more information, see Overview of the High Availability Configuration. | 
| pricingPlan | 
 The pricing plan for this instance. This can be either  | 
| replicationType | 
 The type of replication this instance uses. This can be either  | 
| storageAutoResizeLimit | 
 The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit. | 
| activationPolicy | 
 The activation policy specifies when the instance is activated; it is applicable only when the instance state is RUNNABLE. Valid values: *  | 
| ipConfiguration | 
 The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances. | 
| storageAutoResize | 
 Configuration to increase storage size automatically. The default value is true. | 
| locationPreference | 
 The location preference settings. This allows the instance to be located as near as possible to either an App Engine app or Compute Engine zone for better performance. App Engine co-location was only applicable to First Generation instances. | 
| databaseFlags[] | 
 The database flags passed to the instance at startup. | 
| dataDiskType | 
 The type of data disk:  | 
| maintenanceWindow | 
 The maintenance window for this instance. This specifies when the instance can be restarted for maintenance purposes. | 
| backupConfiguration | 
 The daily backup configuration for the instance. | 
| databaseReplicationEnabled | 
 Configuration specific to read replica instances. Indicates whether replication is enabled or not. WARNING: Changing this restarts the instance. | 
| crashSafeReplicationEnabled | 
 Configuration specific to read replica instances. Indicates whether database flags for crash-safe replication are enabled. This property was only applicable to First Generation instances. | 
| dataDiskSizeGb | 
 The size of data disk, in GB. The data disk size minimum is 10GB. | 
| activeDirectoryConfig | 
 Active Directory configuration, relevant only for Cloud SQL for SQL Server. | 
| collation | 
 The name of server Instance collation. | 
| denyMaintenancePeriods[] | 
 Deny maintenance periods | 
| insightsConfig | 
 Insights configuration, for now relevant only for Postgres. | 
| passwordValidationPolicy | 
 The local user password validation policy of the instance. | 
| sqlServerAuditConfig | 
 SQL Server specific audit configuration. | 
| edition | 
 Optional. The edition of the instance. | 
| connectorEnforcement | 
 Specifies if connections must use Cloud SQL connectors. Option values include the following:  Note that using REQUIRED disables all existing authorized networks. If this field is not specified when creating a new instance, NOT_REQUIRED is used. If this field is not specified when patching or updating an existing instance, it is left unchanged in the instance. | 
| deletionProtectionEnabled | 
 Configuration to protect against accidental instance deletion. | 
| timeZone | 
 Server timezone, relevant only for Cloud SQL for SQL Server. | 
| dataCacheConfig | 
 Configuration for data cache. | 
| enableDataplexIntegration | 
 Optional. By default, Cloud SQL instances have schema extraction disabled for Dataplex. When this parameter is set to true, schema extraction for Dataplex on Cloud SQL instances is activated. | 
| retainBackupsOnDelete | 
 Optional. When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | 
| connectionPoolConfig | 
 Optional. The managed connection pooling configuration for the instance. | 
| enableGoogleMlIntegration | 
 Optional. When this parameter is set to true, Cloud SQL instances can connect to Vertex AI to pass requests for real-time predictions and insights to the AI. The default value is false. This applies only to Cloud SQL for MySQL and Cloud SQL for PostgreSQL instances. | 
SqlAvailabilityType
The availability type of the given Cloud SQL instance.
| Enums | |
|---|---|
| SQL_AVAILABILITY_TYPE_UNSPECIFIED | This is an unknown Availability type. | 
| ZONAL | Zonal available instance. | 
| REGIONAL | Regional available instance. | 
SqlPricingPlan
The pricing plan for this instance.
| Enums | |
|---|---|
| SQL_PRICING_PLAN_UNSPECIFIED | This is an unknown pricing plan for this instance. | 
| PACKAGE | The instance is billed at a monthly flat rate. | 
| PER_USE | The instance is billed per usage. | 
SqlReplicationType
| Enums | |
|---|---|
| SQL_REPLICATION_TYPE_UNSPECIFIED | This is an unknown replication type for a Cloud SQL instance. | 
| SYNCHRONOUS | The synchronous replication mode for First Generation instances. It is the default value. | 
| ASYNCHRONOUS | The asynchronous replication mode for First Generation instances. It provides a slight performance gain, but if an outage occurs while this option is set to asynchronous, you can lose up to a few seconds of updates to your data. | 
SqlActivationPolicy
Specifies when the instance is activated.
| Enums | |
|---|---|
| SQL_ACTIVATION_POLICY_UNSPECIFIED | Unknown activation plan. | 
| ALWAYS | The instance is always up and running. | 
| NEVER | The instance never starts. | 
| ON_DEMAND | The instance starts upon receiving requests. | 
IpConfiguration
IP Management configuration.
| JSON representation | 
|---|
| { "ipv4Enabled": boolean, "privateNetwork": string, "requireSsl": boolean, "authorizedNetworks": [ { object ( | 
| Fields | |
|---|---|
| ipv4Enabled | 
 Whether the instance is assigned a public IP address or not. | 
| privateNetwork | 
 The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example,  | 
| requireSsl | 
 Use  Whether SSL/TLS connections over IP are enforced. If set to false, then allow both non-SSL/non-TLS and SSL/TLS connections. For SSL/TLS connections, the client certificate won't be verified. If set to true, then only allow connections encrypted with SSL/TLS and with valid client certificates. If you want to enforce SSL/TLS without enforcing the requirement for valid client certificates, then use the  | 
| authorizedNetworks[] | 
 The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example:  | 
| allocatedIpRange | 
 The name of the allocated ip range for the private ip Cloud SQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression  | 
| sslMode | 
 Specify how SSL/TLS is enforced in database connections. If you must use the  For PostgreSQL and MySQL: 
 For SQL Server: 
 The value of  For example, for the pair  | 
| customSubjectAlternativeNames[] | 
 Optional. Custom Subject Alternative Name(SAN)s for a Cloud SQL instance. | 
| pscConfig | 
 PSC settings for this instance. | 
| serverCaMode | 
 Specify what type of CA is used for the server certificate. | 
| serverCaPool | 
 Optional. The resource name of the server CA pool for an instance with  | 
AclEntry
An entry for an Access Control list.
| JSON representation | 
|---|
| { "value": string, "expirationTime": string, "name": string, "kind": string } | 
| Fields | |
|---|---|
| value | 
 The allowlisted value for the access control list. | 
| expirationTime | 
 The time when this access control entry expires in RFC 3339 format, for example  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples:  | 
| name | 
 Optional. A label to identify this entry. | 
| kind | 
 This is always  | 
SslMode
The SSL options for database connections.
| Enums | |
|---|---|
| SSL_MODE_UNSPECIFIED | The SSL mode is unknown. | 
| ALLOW_UNENCRYPTED_AND_ENCRYPTED | Allow non-SSL/non-TLS and SSL/TLS connections. For SSL connections to MySQL and PostgreSQL, the client certificate isn't verified. When this value is used, the legacy  | 
| ENCRYPTED_ONLY | Only allow connections encrypted with SSL/TLS. For SSL connections to MySQL and PostgreSQL, the client certificate isn't verified. When this value is used, the legacy  | 
| TRUSTED_CLIENT_CERTIFICATE_REQUIRED | Only allow connections encrypted with SSL/TLS and with valid client certificates. When this value is used, the legacy  Only applicable to MySQL and PostgreSQL. Not applicable to SQL Server. | 
PscConfig
PSC settings for a Cloud SQL instance.
| JSON representation | 
|---|
| { "allowedConsumerProjects": [ string ], "pscEnabled": boolean } | 
| Fields | |
|---|---|
| allowedConsumerProjects[] | 
 The list of consumer projects that are allow-listed for PSC connections to this instance. This instance can be connected to with PSC from any network in these projects. Each consumer project in this list may be represented by a project number (numeric) or by a project id (alphanumeric). | 
| pscEnabled | 
 Whether PSC connectivity is enabled for this instance. | 
CaMode
Various Certificate Authority (CA) modes for certificate signing.
| Enums | |
|---|---|
| CA_MODE_UNSPECIFIED | CA mode is unspecified. It is effectively the same as GOOGLE_MANAGED_INTERNAL_CA. | 
| GOOGLE_MANAGED_INTERNAL_CA | Google-managed self-signed internal CA. | 
| GOOGLE_MANAGED_CAS_CA | Google-managed regional CA part of root CA hierarchy hosted on Google Cloud's Certificate Authority Service (CAS). | 
| CUSTOMER_MANAGED_CAS_CA | Customer-managed CA hosted on Google Cloud's Certificate Authority Service (CAS). | 
LocationPreference
Preferred location. This specifies where a Cloud SQL instance is located. Note that if the preferred location is not available, the instance will be located as close as possible within the region. Only one location may be specified.
| JSON representation | 
|---|
| { "followGaeApplication": string, "zone": string, "secondaryZone": string, "kind": string } | 
| Fields | |
|---|---|
| followGaeApplication | 
 The App Engine application to follow, it must be in the same region as the Cloud SQL instance. WARNING: Changing this might restart the instance. | 
| zone | 
 The preferred Compute Engine zone (for example: us-central1-a, us-central1-b, etc.). WARNING: Changing this might restart the instance. | 
| secondaryZone | 
 The preferred Compute Engine zone for the secondary/failover (for example: us-central1-a, us-central1-b, etc.). | 
| kind | 
 This is always  | 
DatabaseFlags
Database flags for Cloud SQL instances.
| JSON representation | 
|---|
| { "name": string, "value": string } | 
| Fields | |
|---|---|
| name | 
 The name of the flag. These flags are passed at instance startup, so include both server options and system variables. Flags are specified with underscores, not hyphens. For more information, see Configuring Database Flags in the Cloud SQL documentation. | 
| value | 
 The value of the flag. Boolean flags are set to  | 
SqlDataDiskType
The type of disk that is used for a v2 instance to use.
| Enums | |
|---|---|
| SQL_DATA_DISK_TYPE_UNSPECIFIED | This is an unknown data disk type. | 
| PD_SSD | An SSD data disk. | 
| PD_HDD | An HDD data disk. | 
| OBSOLETE_LOCAL_SSD | This field is deprecated and will be removed from a future version of the API. | 
MaintenanceWindow
Maintenance window. This specifies when a Cloud SQL instance is restarted for system maintenance purposes.
| JSON representation | 
|---|
| { "hour": integer, "day": integer, "updateTrack": enum ( | 
| Fields | |
|---|---|
| hour | 
 Hour of day - 0 to 23. Specify in the UTC time zone. | 
| day | 
 Day of week -  | 
| updateTrack | 
 Maintenance timing settings:  | 
| kind | 
 This is always  | 
SqlUpdateTrack
| Enums | |
|---|---|
| SQL_UPDATE_TRACK_UNSPECIFIED | This is an unknown maintenance timing preference. | 
| canary | For an instance with a scheduled maintenance window, this maintenance timing indicates that the maintenance update is scheduled 7 to 14 days after the notification is sent out. Also referred to as Week 1(Console) andpreview(gcloud CLI). | 
| stable | For an instance with a scheduled maintenance window, this maintenance timing indicates that the maintenance update is scheduled 15 to 21 days after the notification is sent out. Also referred to as Week 2(Console) andproduction(gcloud CLI). | 
| week5 | For instance with a scheduled maintenance window, this maintenance timing indicates that the maintenance update is scheduled 35 to 42 days after the notification is sent out. | 
BackupConfiguration
Database instance backup configuration.
| JSON representation | 
|---|
| { "startTime": string, "enabled": boolean, "kind": string, "binaryLogEnabled": boolean, "replicationLogArchivingEnabled": boolean, "location": string, "pointInTimeRecoveryEnabled": boolean, "backupRetentionSettings": { object ( | 
| Fields | |
|---|---|
| startTime | 
 Start time for the daily backup configuration in UTC timezone in the 24 hour format -  | 
| enabled | 
 Whether this configuration is enabled. | 
| kind | 
 This is always  | 
| binaryLogEnabled | 
 (MySQL only) Whether binary log is enabled. If backup configuration is disabled, binarylog must be disabled as well. | 
| replicationLogArchivingEnabled | 
 Reserved for future use. | 
| location | 
 Location of the backup | 
| pointInTimeRecoveryEnabled | 
 Whether point in time recovery is enabled. | 
| backupRetentionSettings | 
 Backup retention settings. | 
| transactionLogRetentionDays | 
 The number of days of transaction logs we retain for point in time restore, from 1-7. | 
| transactionalLogStorageState | 
 Output only. This value contains the storage location of transactional logs used to perform point-in-time recovery (PITR) for the database. | 
BackupRetentionSettings
We currently only support backup retention by specifying the number of backups we will retain.
| JSON representation | 
|---|
| { "retentionUnit": enum ( | 
| Fields | |
|---|---|
| retentionUnit | 
 The unit that 'retainedBackups' represents. | 
| retainedBackups | 
 Depending on the value of retentionUnit, this is used to determine if a backup needs to be deleted. If retentionUnit is 'COUNT', we will retain this many backups. | 
RetentionUnit
The units that retainedBackups specifies, we only support COUNT.
| Enums | |
|---|---|
| RETENTION_UNIT_UNSPECIFIED | Backup retention unit is unspecified, will be treated as COUNT. | 
| COUNT | Retention will be by count, eg. "retain the most recent 7 backups". | 
TransactionalLogStorageState
This value contains the storage location of the transactional logs used to perform point-in-time recovery (PITR) for the database.
| Enums | |
|---|---|
| TRANSACTIONAL_LOG_STORAGE_STATE_UNSPECIFIED | Unspecified. | 
| DISK | The transaction logs used for PITR for the instance are stored on a data disk. | 
| SWITCHING_TO_CLOUD_STORAGE | The transaction logs used for PITR for the instance are switching from being stored on a data disk to being stored in Cloud Storage. Only applicable to MySQL. | 
| SWITCHED_TO_CLOUD_STORAGE | The transaction logs used for PITR for the instance are now stored in Cloud Storage. Previously, they were stored on a data disk. Only applicable to MySQL. | 
| CLOUD_STORAGE | The transaction logs used for PITR for the instance are stored in Cloud Storage. Only applicable to MySQL and PostgreSQL. | 
SqlActiveDirectoryConfig
Active Directory configuration, relevant only for Cloud SQL for SQL Server.
| JSON representation | 
|---|
| { "kind": string, "domain": string } | 
| Fields | |
|---|---|
| kind | 
 This is always sql#activeDirectoryConfig. | 
| domain | 
 The name of the domain (e.g., mydomain.com). | 
DenyMaintenancePeriod
Deny maintenance Periods. This specifies a date range during when all CSA rollout will be denied.
| JSON representation | 
|---|
| { "startDate": string, "endDate": string, "time": string } | 
| Fields | |
|---|---|
| startDate | 
 "deny maintenance period" start date. If the year of the start date is empty, the year of the end date also must be empty. In this case, it means the deny maintenance period recurs every year. The date is in format yyyy-mm-dd i.e., 2020-11-01, or mm-dd, i.e., 11-01 | 
| endDate | 
 "deny maintenance period" end date. If the year of the end date is empty, the year of the start date also must be empty. In this case, it means the no maintenance interval recurs every year. The date is in format yyyy-mm-dd i.e., 2020-11-01, or mm-dd, i.e., 11-01 | 
| time | 
 Time in UTC when the "deny maintenance period" starts on startDate and ends on endDate. The time is in format: HH:mm:SS, i.e., 00:00:00 | 
InsightsConfig
Insights configuration. This specifies when Cloud SQL Insights feature is enabled and optional configuration.
| JSON representation | 
|---|
| { "queryInsightsEnabled": boolean, "recordClientAddress": boolean, "recordApplicationTags": boolean, "queryStringLength": integer, "queryPlansPerMinute": integer } | 
| Fields | |
|---|---|
| queryInsightsEnabled | 
 Whether Query Insights feature is enabled. | 
| recordClientAddress | 
 Whether Query Insights will record client address when enabled. | 
| recordApplicationTags | 
 Whether Query Insights will record application tags from query when enabled. | 
| queryStringLength | 
 Maximum query length stored in bytes. Default value: 1024 bytes. Range: 256-4500 bytes. Query length more than this field value will be truncated to this value. When unset, query length will be the default value. Changing query length will restart the database. | 
| queryPlansPerMinute | 
 Number of query execution plans captured by Insights per minute for all queries combined. Default is 5. | 
PasswordValidationPolicy
Database instance local user password validation policy
| JSON representation | 
|---|
| { "minLength": integer, "complexity": enum ( | 
| Fields | |
|---|---|
| minLength | 
 Minimum number of characters allowed. | 
| complexity | 
 The complexity of the password. | 
| reuseInterval | 
 Number of previous passwords that cannot be reused. | 
| disallowUsernameSubstring | 
 Disallow username as a part of the password. | 
| passwordChangeInterval | 
 Minimum interval after which the password can be changed. This flag is only supported for PostgreSQL. A duration in seconds with up to nine fractional digits, ending with ' | 
| enablePasswordPolicy | 
 Whether the password policy is enabled or not. | 
Complexity
The complexity choices of the password.
| Enums | |
|---|---|
| COMPLEXITY_UNSPECIFIED | Complexity check is not specified. | 
| COMPLEXITY_DEFAULT | A combination of lowercase, uppercase, numeric, and non-alphanumeric characters. | 
SqlServerAuditConfig
SQL Server specific audit configuration.
| JSON representation | 
|---|
| { "kind": string, "bucket": string, "retentionInterval": string, "uploadInterval": string } | 
| Fields | |
|---|---|
| kind | 
 This is always sql#sqlServerAuditConfig | 
| bucket | 
 The name of the destination bucket (e.g., gs://mybucket). | 
| retentionInterval | 
 How long to keep generated audit files. A duration in seconds with up to nine fractional digits, ending with ' | 
| uploadInterval | 
 How often to upload generated audit files. A duration in seconds with up to nine fractional digits, ending with ' | 
Edition
The edition of the instance, can be ENTERPRISE or ENTERPRISE_PLUS.
| Enums | |
|---|---|
| EDITION_UNSPECIFIED | The instance did not specify the edition. | 
| ENTERPRISE | The instance is an Enterprise edition. | 
| ENTERPRISE_PLUS | The instance is an Enterprise Plus edition. | 
ConnectorEnforcement
The options for enforcing Cloud SQL connectors in the instance.
| Enums | |
|---|---|
| CONNECTOR_ENFORCEMENT_UNSPECIFIED | The requirement for Cloud SQL connectors is unknown. | 
| NOT_REQUIRED | Do not require Cloud SQL connectors. | 
| REQUIRED | Require all connections to use Cloud SQL connectors, including the Cloud SQL Auth Proxy and Cloud SQL Java, Python, and Go connectors. Note: This disables all existing authorized networks. | 
DataCacheConfig
Data cache configurations.
| JSON representation | 
|---|
| { "dataCacheEnabled": boolean } | 
| Fields | |
|---|---|
| dataCacheEnabled | 
 Whether data cache is enabled for the instance. | 
ConnectionPoolConfig
The managed connection pooling configuration.
| JSON representation | 
|---|
| { "flags": [ { object ( | 
| Fields | |
|---|---|
| flags[] | 
 Optional. instances.list of connection pool configuration flags | 
| connectionPoolingEnabled | 
 Whether managed connection pooling is enabled. | 
ConnectionPoolFlags
Connection pool flags for Cloud SQL instances managed connection pool configuration.
| JSON representation | 
|---|
| { "name": string, "value": string } | 
| Fields | |
|---|---|
| name | 
 Required. The name of the flag. | 
| value | 
 Required. The value of the flag. Boolean flags are set to  | 
IpMapping
Database instance IP mapping
| JSON representation | 
|---|
| { "type": enum ( | 
| Fields | |
|---|---|
| type | 
 The type of this IP address. A  | 
| ipAddress | 
 The IP address assigned. | 
| timeToRetire | 
 The due time for this IP to be retired in RFC 3339 format, for example  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples:  | 
SqlIpAddressType
| Enums | |
|---|---|
| SQL_IP_ADDRESS_TYPE_UNSPECIFIED | This is an unknown IP address type. | 
| PRIMARY | IP address the customer is supposed to connect to. Usually this is the load balancer's IP address | 
| OUTGOING | Source IP address of the connection a read replica establishes to its external primary instance. This IP address can be allowlisted by the customer in case it has a firewall that filters incoming connection to its on premises primary instance. | 
| PRIVATE | Private IP used when using private IPs and network peering. | 
| MIGRATED_1ST_GEN | V1 IP of a migrated instance. We want the user to decommission this IP as soon as the migration is complete. Note: V1 instances with V1 ip addresses will be counted as PRIMARY. | 
SqlInstanceType
| Enums | |
|---|---|
| SQL_INSTANCE_TYPE_UNSPECIFIED | This is an unknown Cloud SQL instance type. | 
| CLOUD_SQL_INSTANCE | A regular Cloud SQL instance that is not replicating from a primary instance. | 
| ON_PREMISES_INSTANCE | An instance running on the customer's premises that is not managed by Cloud SQL. | 
| READ_REPLICA_INSTANCE | A Cloud SQL instance acting as a read-replica. | 
| READ_POOL_INSTANCE | A Cloud SQL read pool. | 
OnPremisesConfiguration
On-premises instance configuration.
| JSON representation | 
|---|
| { "hostPort": string, "kind": string, "username": string, "password": string, "caCertificate": string, "clientCertificate": string, "clientKey": string, "dumpFilePath": string, "sourceInstance": { object ( | 
| Fields | |
|---|---|
| hostPort | 
 The host and port of the on-premises instance in host:port format | 
| kind | 
 This is always  | 
| username | 
 The username for connecting to on-premises instance. | 
| password | 
 The password for connecting to on-premises instance. | 
| caCertificate | 
 PEM representation of the trusted CA's x509 certificate. | 
| clientCertificate | 
 PEM representation of the replica's x509 certificate. | 
| clientKey | 
 PEM representation of the replica's private key. The corresponsing public key is encoded in the client's certificate. | 
| dumpFilePath | 
 The dump file to create the Cloud SQL replica. | 
| sourceInstance | 
 The reference to Cloud SQL instance if the source is Cloud SQL. | 
InstanceReference
Reference to another Cloud SQL instance.
| JSON representation | 
|---|
| { "name": string, "region": string, "project": string } | 
| Fields | |
|---|---|
| name | 
 The name of the Cloud SQL instance being referenced. This does not include the project ID. | 
| region | 
 The region of the Cloud SQL instance being referenced. | 
| project | 
 The project ID of the Cloud SQL instance being referenced. The default is the same project ID as the instance references it. | 
ReplicaConfiguration
Read-replica configuration for connecting to the primary instance.
| JSON representation | 
|---|
| { "kind": string, "mysqlReplicaConfiguration": { object ( | 
| Fields | |
|---|---|
| kind | 
 This is always  | 
| mysqlReplicaConfiguration | 
 MySQL specific configuration when replicating from a MySQL on-premises primary instance. Replication configuration information such as the username, password, certificates, and keys are not stored in the instance metadata. The configuration information is used only to set up the replication connection and is stored by MySQL in a file named  | 
| failoverTarget | 
 Specifies if the replica is the failover target. If the field is set to  | 
MySqlReplicaConfiguration
Read-replica configuration specific to MySQL databases.
| JSON representation | 
|---|
| { "dumpFilePath": string, "username": string, "password": string, "connectRetryInterval": integer, "masterHeartbeatPeriod": string, "caCertificate": string, "clientCertificate": string, "clientKey": string, "sslCipher": string, "verifyServerCertificate": boolean, "kind": string } | 
| Fields | |
|---|---|
| dumpFilePath | 
 Path to a SQL dump file in Google Cloud Storage from which the replica instance is to be created. The URI is in the form gs://bucketName/fileName. Compressed gzip files (.gz) are also supported. Dumps have the binlog co-ordinates from which replication begins. This can be accomplished by setting --master-data to 1 when using mysqldump. | 
| username | 
 The username for the replication connection. | 
| password | 
 The password for the replication connection. | 
| connectRetryInterval | 
 Seconds to wait between connect retries. MySQL's default is 60 seconds. | 
| masterHeartbeatPeriod | 
 Interval in milliseconds between replication heartbeats. | 
| caCertificate | 
 PEM representation of the trusted CA's x509 certificate. | 
| clientCertificate | 
 PEM representation of the replica's x509 certificate. | 
| clientKey | 
 PEM representation of the replica's private key. The corresponsing public key is encoded in the client's certificate. | 
| sslCipher | 
 A list of permissible ciphers to use for SSL encryption. | 
| verifyServerCertificate | 
 Whether or not to check the primary instance's Common Name value in the certificate that it sends during the SSL handshake. | 
| kind | 
 This is always  | 
SqlBackendType
| Enums | |
|---|---|
| SQL_BACKEND_TYPE_UNSPECIFIED | This is an unknown backend type for instance. | 
| FIRST_GEN | V1 speckle instance. | 
| SECOND_GEN | V2 speckle instance. | 
| EXTERNAL | On premises instance. | 
SqlSuspensionReason
The suspension reason of the database instance if the state is SUSPENDED.
| Enums | |
|---|---|
| SQL_SUSPENSION_REASON_UNSPECIFIED | This is an unknown suspension reason. | 
| BILLING_ISSUE | The instance is suspended due to billing issues (for example:, GCP account issue) | 
| LEGAL_ISSUE | The instance is suspended due to illegal content (for example:, child pornography, copyrighted material, etc.). | 
| OPERATIONAL_ISSUE | The instance is causing operational issues (for example:, causing the database to crash). | 
| KMS_KEY_ISSUE | The KMS key used by the instance is either revoked or denied access to | 
SqlScheduledMaintenance
Any scheduled maintenance for this instance.
| JSON representation | 
|---|
| { "startTime": string, "canDefer": boolean, "canReschedule": boolean, "scheduleDeadlineTime": string } | 
| Fields | |
|---|---|
| startTime | 
 The start time of any upcoming scheduled maintenance for this instance. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples:  | 
| canDefer | 
 | 
| canReschedule | 
 If the scheduled maintenance can be rescheduled. | 
| scheduleDeadlineTime | 
 Maintenance cannot be rescheduled to start beyond this deadline. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples:  | 
SqlOutOfDiskReport
This message wraps up the information written by out-of-disk detection job.
| JSON representation | 
|---|
| { "sqlOutOfDiskState": enum ( | 
| Fields | |
|---|---|
| sqlOutOfDiskState | 
 This field represents the state generated by the proactive database wellness job for OutOfDisk issues. * Writers: * the proactive database wellness job for OOD. * Readers: * the proactive database wellness job | 
| sqlMinRecommendedIncreaseSizeGb | 
 The minimum recommended increase size in GigaBytes This field is consumed by the frontend * Writers: * the proactive database wellness job for OOD. * Readers: | 
SqlOutOfDiskState
This enum lists all possible states regarding out-of-disk issues.
| Enums | |
|---|---|
| SQL_OUT_OF_DISK_STATE_UNSPECIFIED | Unspecified state | 
| NORMAL | The instance has plenty space on data disk | 
| SOFT_SHUTDOWN | Data disk is almost used up. It is shutdown to prevent data corruption. | 
AvailableDatabaseVersion
An available database version. It can be a major or a minor version.
| JSON representation | 
|---|
| { "majorVersion": string, "name": string, "displayName": string } | 
| Fields | |
|---|---|
| majorVersion | 
 The version's major version name. | 
| name | 
 The database version name. For MySQL 8.0, this string provides the database major and minor version. | 
| displayName | 
 The database version's display name. | 
SqlNetworkArchitecture
The SQL network architecture for the instance.
| Enums | |
|---|---|
| SQL_NETWORK_ARCHITECTURE_UNSPECIFIED | |
| NEW_NETWORK_ARCHITECTURE | The instance uses the new network architecture. | 
| OLD_NETWORK_ARCHITECTURE | The instance uses the old network architecture. | 
ReplicationCluster
A primary instance and disaster recovery (DR) replica pair. A DR replica is a cross-region replica that you designate for failover in the event that the primary instance experiences regional failure. Applicable to MySQL and PostgreSQL.
| JSON representation | 
|---|
| { "psaWriteEndpoint": string, "failoverDrReplicaName": string, "drReplica": boolean } | 
| Fields | |
|---|---|
| psaWriteEndpoint | 
 Output only. If set, this field indicates this instance has a private service access (PSA) DNS endpoint that is pointing to the primary instance of the cluster. If this instance is the primary, then the DNS endpoint points to this instance. After a instances.switchover or replica failover operation, this DNS endpoint points to the promoted instance. This is a read-only field, returned to the user as information. This field can exist even if a standalone instance doesn't have a replica yet or the DR replica is deleted. | 
| failoverDrReplicaName | 
 Optional. If the instance is a primary instance, then this field identifies the disaster recovery (DR) replica. A DR replica is an optional configuration for Enterprise Plus edition instances. If the instance is a read replica, then the field is not set. Set this field to a replica name to designate a DR replica for a primary instance. Remove the replica name to remove the DR replica designation. | 
| drReplica | 
 Output only. Read-only field that indicates whether the replica is a DR replica. This field is not set if the instance is a primary instance. | 
GeminiInstanceConfig
Gemini instance configuration.
| JSON representation | 
|---|
| { "entitled": boolean, "indexAdvisorEnabled": boolean, "flagRecommenderEnabled": boolean } | 
| Fields | |
|---|---|
| entitled | 
 Output only. Whether Gemini is enabled. | 
| indexAdvisorEnabled | 
 Output only. Whether the index advisor is enabled. | 
| flagRecommenderEnabled | 
 Output only. Whether the flag recommender is enabled. | 
DnsNameMapping
DNS metadata.
| JSON representation | 
|---|
| { "name": string, "connectionType": enum ( | 
| Fields | |
|---|---|
| name | 
 The DNS name. | 
| connectionType | 
 Output only. The connection type of the DNS name. | 
| dnsScope | 
 Output only. The scope that the DNS name applies to. | 
ConnectionType
The connection type of the DNS name.
| Enums | |
|---|---|
| CONNECTION_TYPE_UNSPECIFIED | Unknown connection type. | 
| PUBLIC | Public IP. | 
| PRIVATE_SERVICES_ACCESS | Private services access (private IP). | 
| PRIVATE_SERVICE_CONNECT | Private Service Connect. | 
DnsScope
The scope that the DNS name applies to.
| Enums | |
|---|---|
| DNS_SCOPE_UNSPECIFIED | Unknown DNS scope. | 
| INSTANCE | Indicates a instance-level DNS name. | 
PoolNodeConfig
Details of a single read pool node of a read pool.
| JSON representation | 
|---|
| { "ipAddresses": [ { object ( | 
| Fields | |
|---|---|
| ipAddresses[] | 
 Output only. Mappings containing IP addresses that can be used to connect to the read pool node. | 
| name | 
 Output only. The name of the read pool node, to be used for retrieving metrics and logs. | 
| gceZone | 
 Output only. The zone of the read pool node. | 
| dnsName | 
 Output only. The DNS name of the read pool node. | 
| state | 
 Output only. The current state of the read pool node. | 
| Methods | |
|---|---|
| 
 | Lists all versions of server certificates and certificate authorities (CAs) for the specified instance. | 
| 
 | Rotates the server certificate version to one previously added with the addServerCertificate method. | 
| 
 | Adds a new trusted Certificate Authority (CA) version for the specified instance. | 
| 
 | Add a new trusted server certificate version for the specified instance using Certificate Authority Service (CAS) server CA. | 
| 
 | Creates a Cloud SQL instance as a clone of the source instance. | 
| 
 | Deletes a Cloud SQL instance. | 
| 
 | Demotes the stand-alone instance to be a Cloud SQL read replica for an external database server. | 
| 
 | Exports data from a Cloud SQL instance to a Cloud Storage bucket as a SQL dump or CSV file. | 
| 
 | Initiates a manual failover of a high availability (HA) primary instance to a standby instance, which becomes the primary instance. | 
| 
 | Retrieves a resource containing information about a Cloud SQL instance. | 
| 
 | Imports data into a Cloud SQL instance from a SQL dump or CSV file in Cloud Storage. | 
| 
 | Creates a new Cloud SQL instance. | 
| 
 | Lists instances under a given project. | 
| 
 | Lists all of the trusted Certificate Authorities (CAs) for the specified instance. | 
| 
 | Partially updates settings of a Cloud SQL instance by merging the request with the current configuration. | 
| 
 | Promotes the read replica instance to be an independent Cloud SQL primary instance. | 
| 
 | Reencrypt CMEK instance with latest key version. | 
| 
 | Deletes all client certificates and generates a new server SSL certificate for the instance. | 
| 
 | Restarts a Cloud SQL instance. | 
| 
 | Restores a backup of a Cloud SQL instance. | 
| 
 | Rotates the server certificate to one signed by the Certificate Authority (CA) version previously added with the addServerCA method. | 
| 
 | Starts the replication in the read replica instance. | 
| 
 | Stops the replication in the read replica instance. | 
| 
 | Switches over from the primary instance to the DR replica instance. | 
| 
 | Truncate MySQL general and slow query log tables MySQL only. | 
| 
 | Updates settings of a Cloud SQL instance. |