Shared Responsibility

This page describes what you, as a Cloud SQL customer, are responsible for and what Google is responsible for.

Introduction

Cloud SQL is a fully managed database service that simplifies deployment, maintenance, and management of relational databases in the cloud. Cloud SQL offers meaningful insights and manageability features, significantly reducing user toil.

As a Cloud SQL customer, you are responsible for configuring and operating Cloud SQL for your workload needs to get the most value from the service.

Google's responsibilities

  • Provision and maintain the underlying infrastructure, including hardware, firmware, kernel, OS, storage, network and more:
    • Secure the low-level infrastructure, which includes the physical premises, the hardware in Google data centers, and the low-level software stack running on the machines.
    • Encrypt data in a Cloud SQL instance at rest by default and enable customer-managed encryption in transit.
  • Install and maintain the database software.
    • Provide configuration and tools to secure your Cloud SQL instance.
    • Provide limited access to database-specific functionality available to customers using flags, stored procedures, and plugins.
    • Increase instance storage capacity for instances configured to enable automatic storage increase.
    • Provide maintenance notifications, allow maintenance deferrals, and set maintenance denial periods.
    • Apply database vendor-provided fixes to instances as part of scheduled maintenance.
    • Make database vendor-provided fixes for known security vulnerabilities available for customers to apply proactively using self-service maintenance
  • Provide monitoring telemetry for various instance components including but not limited to:
    • CPU
    • Storage
    • Network
    • Memory
    • User connections
  • Provide disaster recovery capabilities in case of region outages for instances configured with cross-region read replicas and instances configured with multi-region backups.
  • Provide high availability in case of zonal outages on instances configured for high availability (HA).
  • Provide workload introspection capabilities for select engines with Query Insights.
  • Provide actionable insights into instance sizing and idleness for cost optimization with the Recommender service.
  • Provide Google Cloud integrations for Identity and Access Management (IAM), tags, Cloud Logging, Cloud Key Management Service and Network Intelligence Center.

Customer responsibilities

  • Create instances with the appropriate version, location, size and database flags.
  • Create and administer databases and any user-created code on the instance.
  • Secure access, authentication, and authorization using appropriate controls.
  • Configure and troubleshoot connectivity from client-side tooling to the Cloud SQL instance.
  • Configure the Cloud SQL instance for high availability and zonal/regional disaster recovery.
  • Use the maintenance features to control the business impact from maintenance events.
  • Manage, tune, and optimize the database performance based on the workload and instance configuration.
  • Configure storage capacity to accommodate future growth necessary for critical database maintenance events.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年12月10日 UTC.