User
Creates a new Google SQL User on a Google SQL User Instance. For more information, see the official documentation, or the JSON API.
Example Usage
Example creating a SQL User.
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as random from "@pulumi/random";
const dbNameSuffix = new random.RandomId("db_name_suffix", {byteLength: 4});
const main = new gcp.sql.DatabaseInstance("main", {
name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,
databaseVersion: "MYSQL_5_7",
settings: {
tier: "db-f1-micro",
},
});
const users = new gcp.sql.User("users", {
name: "me",
instance: main.name,
host: "me.com",
password: "changeme",
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
import pulumi_random as random
db_name_suffix = random.RandomId("db_name_suffix", byte_length=4)
main = gcp.sql.DatabaseInstance("main",
name=db_name_suffix.hex.apply(lambda hex: f"main-instance-{hex}"),
database_version="MYSQL_5_7",
settings={
"tier": "db-f1-micro",
})
users = gcp.sql.User("users",
name="me",
instance=main.name,
host="me.com",
password="changeme")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Random = Pulumi.Random;
return await Deployment.RunAsync(() =>
{
var dbNameSuffix = new Random.RandomId("db_name_suffix", new()
{
ByteLength = 4,
});
var main = new Gcp.Sql.DatabaseInstance("main", new()
{
Name = dbNameSuffix.Hex.Apply(hex => $"main-instance-{hex}"),
DatabaseVersion = "MYSQL_5_7",
Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs
{
Tier = "db-f1-micro",
},
});
var users = new Gcp.Sql.User("users", new()
{
Name = "me",
Instance = main.Name,
Host = "me.com",
Password = "changeme",
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
dbNameSuffix, err := random.NewRandomId(ctx, "db_name_suffix", &random.RandomIdArgs{
ByteLength: pulumi.Int(4),
})
if err != nil {
return err
}
main, err := sql.NewDatabaseInstance(ctx, "main", &sql.DatabaseInstanceArgs{
Name: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {
return fmt.Sprintf("main-instance-%v", hex), nil
}).(pulumi.StringOutput),
DatabaseVersion: pulumi.String("MYSQL_5_7"),
Settings: &sql.DatabaseInstanceSettingsArgs{
Tier: pulumi.String("db-f1-micro"),
},
})
if err != nil {
return err
}
_, err = sql.NewUser(ctx, "users", &sql.UserArgs{
Name: pulumi.String("me"),
Instance: main.Name,
Host: pulumi.String("me.com"),
Password: pulumi.String("changeme"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.RandomId;
import com.pulumi.random.RandomIdArgs;
import com.pulumi.gcp.sql.DatabaseInstance;
import com.pulumi.gcp.sql.DatabaseInstanceArgs;
import com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;
import com.pulumi.gcp.sql.User;
import com.pulumi.gcp.sql.UserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var dbNameSuffix = new RandomId("dbNameSuffix", RandomIdArgs.builder()
.byteLength(4)
.build());
var main = new DatabaseInstance("main", DatabaseInstanceArgs.builder()
.name(dbNameSuffix.hex().applyValue(hex -> String.format("main-instance-%s", hex)))
.databaseVersion("MYSQL_5_7")
.settings(DatabaseInstanceSettingsArgs.builder()
.tier("db-f1-micro")
.build())
.build());
var users = new User("users", UserArgs.builder()
.name("me")
.instance(main.name())
.host("me.com")
.password("changeme")
.build());
}
}Content copied to clipboard
resources:
dbNameSuffix:
type: random:RandomId
name: db_name_suffix
properties:
byteLength: 4
main:
type: gcp:sql:DatabaseInstance
properties:
name: main-instance-${dbNameSuffix.hex}
databaseVersion: MYSQL_5_7
settings:
tier: db-f1-micro
users:
type: gcp:sql:User
properties:
name: me
instance: ${main.name}
host: me.com
password: changemeContent copied to clipboard
Example using Cloud SQL IAM database authentication.
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as random from "@pulumi/random";
import * as std from "@pulumi/std";
const dbNameSuffix = new random.RandomId("db_name_suffix", {byteLength: 4});
const main = new gcp.sql.DatabaseInstance("main", {
name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,
databaseVersion: "POSTGRES_15",
settings: {
tier: "db-f1-micro",
databaseFlags: [{
name: "cloudsql_iam_authentication",
value: "on",
}],
},
});
const iamUser = new gcp.sql.User("iam_user", {
name: "me@example.com",
instance: main.name,
type: "CLOUD_IAM_USER",
});
const iamServiceAccountUser = new gcp.sql.User("iam_service_account_user", {
name: std.trimsuffix({
input: serviceAccount.email,
suffix: ".gserviceaccount.com",
}).then(invoke => invoke.result),
instance: main.name,
type: "CLOUD_IAM_SERVICE_ACCOUNT",
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
import pulumi_random as random
import pulumi_std as std
db_name_suffix = random.RandomId("db_name_suffix", byte_length=4)
main = gcp.sql.DatabaseInstance("main",
name=db_name_suffix.hex.apply(lambda hex: f"main-instance-{hex}"),
database_version="POSTGRES_15",
settings={
"tier": "db-f1-micro",
"database_flags": [{
"name": "cloudsql_iam_authentication",
"value": "on",
}],
})
iam_user = gcp.sql.User("iam_user",
name="me@example.com",
instance=main.name,
type="CLOUD_IAM_USER")
iam_service_account_user = gcp.sql.User("iam_service_account_user",
name=std.trimsuffix(input=service_account["email"],
suffix=".gserviceaccount.com").result,
instance=main.name,
type="CLOUD_IAM_SERVICE_ACCOUNT")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Random = Pulumi.Random;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var dbNameSuffix = new Random.RandomId("db_name_suffix", new()
{
ByteLength = 4,
});
var main = new Gcp.Sql.DatabaseInstance("main", new()
{
Name = dbNameSuffix.Hex.Apply(hex => $"main-instance-{hex}"),
DatabaseVersion = "POSTGRES_15",
Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs
{
Tier = "db-f1-micro",
DatabaseFlags = new[]
{
new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs
{
Name = "cloudsql_iam_authentication",
Value = "on",
},
},
},
});
var iamUser = new Gcp.Sql.User("iam_user", new()
{
Name = "me@example.com",
Instance = main.Name,
Type = "CLOUD_IAM_USER",
});
var iamServiceAccountUser = new Gcp.Sql.User("iam_service_account_user", new()
{
Name = Std.Trimsuffix.Invoke(new()
{
Input = serviceAccount.Email,
Suffix = ".gserviceaccount.com",
}).Apply(invoke => invoke.Result),
Instance = main.Name,
Type = "CLOUD_IAM_SERVICE_ACCOUNT",
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
dbNameSuffix, err := random.NewRandomId(ctx, "db_name_suffix", &random.RandomIdArgs{
ByteLength: pulumi.Int(4),
})
if err != nil {
return err
}
main, err := sql.NewDatabaseInstance(ctx, "main", &sql.DatabaseInstanceArgs{
Name: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {
return fmt.Sprintf("main-instance-%v", hex), nil
}).(pulumi.StringOutput),
DatabaseVersion: pulumi.String("POSTGRES_15"),
Settings: &sql.DatabaseInstanceSettingsArgs{
Tier: pulumi.String("db-f1-micro"),
DatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{
&sql.DatabaseInstanceSettingsDatabaseFlagArgs{
Name: pulumi.String("cloudsql_iam_authentication"),
Value: pulumi.String("on"),
},
},
},
})
if err != nil {
return err
}
_, err = sql.NewUser(ctx, "iam_user", &sql.UserArgs{
Name: pulumi.String("me@example.com"),
Instance: main.Name,
Type: pulumi.String("CLOUD_IAM_USER"),
})
if err != nil {
return err
}
invokeTrimsuffix, err := std.Trimsuffix(ctx, &std.TrimsuffixArgs{
Input: serviceAccount.Email,
Suffix: ".gserviceaccount.com",
}, nil)
if err != nil {
return err
}
_, err = sql.NewUser(ctx, "iam_service_account_user", &sql.UserArgs{
Name: pulumi.String(invokeTrimsuffix.Result),
Instance: main.Name,
Type: pulumi.String("CLOUD_IAM_SERVICE_ACCOUNT"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.RandomId;
import com.pulumi.random.RandomIdArgs;
import com.pulumi.gcp.sql.DatabaseInstance;
import com.pulumi.gcp.sql.DatabaseInstanceArgs;
import com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;
import com.pulumi.gcp.sql.User;
import com.pulumi.gcp.sql.UserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var dbNameSuffix = new RandomId("dbNameSuffix", RandomIdArgs.builder()
.byteLength(4)
.build());
var main = new DatabaseInstance("main", DatabaseInstanceArgs.builder()
.name(dbNameSuffix.hex().applyValue(hex -> String.format("main-instance-%s", hex)))
.databaseVersion("POSTGRES_15")
.settings(DatabaseInstanceSettingsArgs.builder()
.tier("db-f1-micro")
.databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder()
.name("cloudsql_iam_authentication")
.value("on")
.build())
.build())
.build());
var iamUser = new User("iamUser", UserArgs.builder()
.name("me@example.com")
.instance(main.name())
.type("CLOUD_IAM_USER")
.build());
var iamServiceAccountUser = new User("iamServiceAccountUser", UserArgs.builder()
.name(StdFunctions.trimsuffix(TrimsuffixArgs.builder()
.input(serviceAccount.email())
.suffix(".gserviceaccount.com")
.build()).result())
.instance(main.name())
.type("CLOUD_IAM_SERVICE_ACCOUNT")
.build());
}
}Content copied to clipboard
resources:
dbNameSuffix:
type: random:RandomId
name: db_name_suffix
properties:
byteLength: 4
main:
type: gcp:sql:DatabaseInstance
properties:
name: main-instance-${dbNameSuffix.hex}
databaseVersion: POSTGRES_15
settings:
tier: db-f1-micro
databaseFlags:
- name: cloudsql_iam_authentication
value: on
iamUser:
type: gcp:sql:User
name: iam_user
properties:
name: me@example.com
instance: ${main.name}
type: CLOUD_IAM_USER
iamServiceAccountUser:
type: gcp:sql:User
name: iam_service_account_user
properties:
name:
fn::invoke:
Function: std:trimsuffix
Arguments:
input: ${serviceAccount.email}
suffix: .gserviceaccount.com
Return: result
instance: ${main.name}
type: CLOUD_IAM_SERVICE_ACCOUNTContent copied to clipboard
Example using Cloud SQL IAM Group authentication.
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as random from "@pulumi/random";
const dbNameSuffix = new random.RandomId("db_name_suffix", {byteLength: 4});
const main = new gcp.sql.DatabaseInstance("main", {
name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,
databaseVersion: "MYSQL_8_0",
settings: {
tier: "db-f1-micro",
databaseFlags: [{
name: "cloudsql_iam_authentication",
value: "on",
}],
},
});
const iamGroupUser = new gcp.sql.User("iam_group_user", {
name: "iam_group@example.com",
instance: main.name,
type: "CLOUD_IAM_GROUP",
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
import pulumi_random as random
db_name_suffix = random.RandomId("db_name_suffix", byte_length=4)
main = gcp.sql.DatabaseInstance("main",
name=db_name_suffix.hex.apply(lambda hex: f"main-instance-{hex}"),
database_version="MYSQL_8_0",
settings={
"tier": "db-f1-micro",
"database_flags": [{
"name": "cloudsql_iam_authentication",
"value": "on",
}],
})
iam_group_user = gcp.sql.User("iam_group_user",
name="iam_group@example.com",
instance=main.name,
type="CLOUD_IAM_GROUP")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Random = Pulumi.Random;
return await Deployment.RunAsync(() =>
{
var dbNameSuffix = new Random.RandomId("db_name_suffix", new()
{
ByteLength = 4,
});
var main = new Gcp.Sql.DatabaseInstance("main", new()
{
Name = dbNameSuffix.Hex.Apply(hex => $"main-instance-{hex}"),
DatabaseVersion = "MYSQL_8_0",
Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs
{
Tier = "db-f1-micro",
DatabaseFlags = new[]
{
new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs
{
Name = "cloudsql_iam_authentication",
Value = "on",
},
},
},
});
var iamGroupUser = new Gcp.Sql.User("iam_group_user", new()
{
Name = "iam_group@example.com",
Instance = main.Name,
Type = "CLOUD_IAM_GROUP",
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
dbNameSuffix, err := random.NewRandomId(ctx, "db_name_suffix", &random.RandomIdArgs{
ByteLength: pulumi.Int(4),
})
if err != nil {
return err
}
main, err := sql.NewDatabaseInstance(ctx, "main", &sql.DatabaseInstanceArgs{
Name: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {
return fmt.Sprintf("main-instance-%v", hex), nil
}).(pulumi.StringOutput),
DatabaseVersion: pulumi.String("MYSQL_8_0"),
Settings: &sql.DatabaseInstanceSettingsArgs{
Tier: pulumi.String("db-f1-micro"),
DatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{
&sql.DatabaseInstanceSettingsDatabaseFlagArgs{
Name: pulumi.String("cloudsql_iam_authentication"),
Value: pulumi.String("on"),
},
},
},
})
if err != nil {
return err
}
_, err = sql.NewUser(ctx, "iam_group_user", &sql.UserArgs{
Name: pulumi.String("iam_group@example.com"),
Instance: main.Name,
Type: pulumi.String("CLOUD_IAM_GROUP"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.RandomId;
import com.pulumi.random.RandomIdArgs;
import com.pulumi.gcp.sql.DatabaseInstance;
import com.pulumi.gcp.sql.DatabaseInstanceArgs;
import com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;
import com.pulumi.gcp.sql.User;
import com.pulumi.gcp.sql.UserArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var dbNameSuffix = new RandomId("dbNameSuffix", RandomIdArgs.builder()
.byteLength(4)
.build());
var main = new DatabaseInstance("main", DatabaseInstanceArgs.builder()
.name(dbNameSuffix.hex().applyValue(hex -> String.format("main-instance-%s", hex)))
.databaseVersion("MYSQL_8_0")
.settings(DatabaseInstanceSettingsArgs.builder()
.tier("db-f1-micro")
.databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder()
.name("cloudsql_iam_authentication")
.value("on")
.build())
.build())
.build());
var iamGroupUser = new User("iamGroupUser", UserArgs.builder()
.name("iam_group@example.com")
.instance(main.name())
.type("CLOUD_IAM_GROUP")
.build());
}
}Content copied to clipboard
resources:
dbNameSuffix:
type: random:RandomId
name: db_name_suffix
properties:
byteLength: 4
main:
type: gcp:sql:DatabaseInstance
properties:
name: main-instance-${dbNameSuffix.hex}
databaseVersion: MYSQL_8_0
settings:
tier: db-f1-micro
databaseFlags:
- name: cloudsql_iam_authentication
value: on
iamGroupUser:
type: gcp:sql:User
name: iam_group_user
properties:
name: iam_group@example.com
instance: ${main.name}
type: CLOUD_IAM_GROUPContent copied to clipboard
Import
SQL users for MySQL databases can be imported using the project, instance, host and name, e.g.
{{project_id}}/{{instance}}/{{host}}/{{name}}SQL users for PostgreSQL databases can be imported using theproject,instanceandname, e.g.{{project_id}}/{{instance}}/{{name}}When using thepulumi importcommand, NAME_HERE can be imported using one of the formats above. For example: MySQL database
$ pulumi import gcp:sql/user:User default {{project_id}}/{{instance}}/{{host}}/{{name}}Content copied to clipboard
PostgreSQL database
$ pulumi import gcp:sql/user:User default {{project_id}}/{{instance}}/{{name}}Content copied to clipboard
Properties
Link copied to clipboard
The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: ABANDON.
Link copied to clipboard
The password for the user. Can be updated. For Postgres instances this is a Required field, unless type is set to either CLOUD_IAM_USER or CLOUD_IAM_SERVICE_ACCOUNT. Don't set this field for CLOUD_IAM_USER and CLOUD_IAM_SERVICE_ACCOUNT user types for any Cloud SQL instance.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The user type. It determines the method to authenticate the user during login. The default is the database's built-in user type. Flags include "BUILT_IN", "CLOUD_IAM_USER", and "CLOUD_IAM_SERVICE_ACCOUNT" for both Postgres and MySQL. MySQL also includes "CLOUD_IAM_GROUP", "CLOUD_IAM_GROUP_USER" and "CLOUD_IAM_GROUP_SERVICE_ACCOUNT".