Google Cloud SQL provides a REST API for administering your instances programmatically. The REST API is defined by BackupRuns, Flags, Instances, Operations, SslCerts, and Tiers resources. Each resource supports methods for accessing and working with it. For example, the Instances resource supports methods like get, insert, and list. For details of all the resources and their methods, see the Google Cloud SQL API Reference .
When you send requests directly to the Google Cloud SQL REST API, you must create the correct form of the request, authorize the request as an authenticated user, and process any responses returned. The Examples section below shows how to do this using cURL .
You are also using the Google Cloud SQL REST API, indirectly, when you use any of the following ways of administering instances:
- Google Cloud SDK , which contains a command-line interface you can use to work with your instances.
- One of the Client Libraries , such as for Java, Python, or PHP.
- Google Developers Console , a graphical web interface.
The advantage of using the Cloud SDK, a client library, and in particular, the Google Developers Console, is that these tools can greatly simplify administering your instances depending on your use case. If you are just starting out with Google Cloud SQL, we recommend that you start with the one of these tools first before working with the REST API directly.
Activating the API
This API is currently available to everyone. You can activate the Google Cloud SQL API as follows:
- Go to the Google Developers Console .
- Select the project for which you want to activate the API.
- In the sidebar on the left, click APIs & auth to show the list of services you can enable for your project.
- Find the Google Cloud SQL API and ensure the Status is "ON".
Authorizing requests
Every request your application sends to the Google Cloud SQL API must include an authorization token. The token also identifies your application to Google.
About authorization protocols
We recommend using OAuth 2.0 to authorize requests.
If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access ( hybrid ) or domain-wide delegation of authority ( 2LO ), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key . To find your application's API key:
- Go to the Google Developers Console .
- Select a project, or create a new one.
- In the sidebar on the left, expand APIs & auth . Next, click APIs . In the list of APIs, make sure the status is ON for the Google Cloud SQL API.
- In the sidebar on the left, select Credentials .
-
This API supports two types of credentials.
Create whichever credentials are appropriate for your project:
-
OAuth: Your application must send an OAuth 2.0 token with any request that accesses private user data. Your application sends a client ID and, possibly, a client secret to obtain a token. You can generate OAuth 2.0 credentials for web applications, service accounts, or installed applications.
To create an OAuth 2.0 token, click Create new Client ID , provide the required information where requested, and click Create Client ID .
-
Public API access: A request that does not provide an OAuth 2.0 token must send an API key. The key identifies your project and provides API access, quota, and reports.
To create an API key, click Create new Key and select the appropriate key type. Enter the additional information required for that key type and click Create .
-
Authorizing requests with OAuth 2.0
All requests to the Google Cloud SQL API must be authorized by an authenticated user.
The details of the authorization process, or "flow," for OAuth 2.0 vary somewhat depending on what kind of application you're writing. The following general process applies to all application types:
- When you create your application, you register it using the Google Developers Console . Google then provides information you'll need later, such as a client ID and a client secret.
- Activate the Google Cloud SQL API in the Google Developers Console. (If the API isn't listed in the Developers Console, then skip this step.)
- When your application needs access to user data, it asks Google for a particular scope of access.
- Google displays a consent screen to the user, asking them to authorize your application to request some of their data.
- If the user approves, then Google gives your application a short-lived access token .
- Your application requests user data, attaching the access token to the request.
- If Google determines that your request and the token are valid, it returns the requested data.
Some flows include additional steps, such as using refresh tokens to acquire new access tokens. For detailed information about flows for various types of applications, see Google's OAuth 2.0 documentation .
Here's the OAuth 2.0 scope information for the Google Cloud SQL API:
Scope | Meaning |
---|---|
https://www.googleapis.com/auth/sqlservice.admin
|
Read/write access to Google Cloud SQL Administration Dashboard. |
https://www.googleapis.com/auth/cloud-platform
|
Instances.import and Instances.export need this additional scope. |
To request access using OAuth 2.0, your application needs the scope information, as well as information that Google supplies when you register your application (such as the client ID and the client secret).
Note : For more information on authorizing requests, see Authorize Requests .
Google Cloud SQL and Google APIs Discovery Service
Google APIs Discovery Service is a service that you can use to discover Google APIs. For example, when you use the Google APIs Explorer tool, you are using the Discovery Service. In the Discovery Service, Google Cloud SQL is represented as "sqladmin" (e.g., https://www.googleapis.com/discovery/v1/apis/ sqladmin /v1beta3/rest). This is different than the base path "sql" that you use in requests to the REST API (e.g., https://www.googleapis.com/ sql /v1beta3/projects/example-id/instances).
Some client libraries also use the Discovery Service. In the client creation code, be sure to use "sqladmin" to access the correct discovery document. For more information, see Client Libraries .
Examples
This section shows some examples of submitting requests to the Google Cloud SQL API from the
command line using the
Google Cloud SDK
and
cURL
commands.
After you authenticate once with the Cloud SDK (
gcloud auth login
),
all subsequent authentication
is handled for you. When you use the
cURL
command, you need to provide an
authentication token for each request.
For a more complete set of examples using the Google Cloud SDK to manage your instances, see Managing Instances Using the Cloud SDK . To create Google Cloud SQL instances, you must enable billing for your project.
Request the available tiers
To test your access to the Google Cloud SQL API, try requesting information about the available tiers (such as D1, D2 and so on). You need an access token to request the list of tiers, but you do not need any project-specific information.
The following example sends a request to list the available tiers.
Cloud SQL Admin Command Line
Uses the
gcloud sql
command line tool in the
Google Cloud SDK
.
$ gcloud sql tiers list
cURL
Uses cURL .
curl --header 'Authorization: Bearer accessToken' \ --header 'Content-Type: application/json' \ https://www.googleapis.com/sql/v1beta3/projects/your-project-id/tiers
Get the Google Cloud SQL instances in a project
The following example sends a request to
list
the Google Cloud SQL instances in the project whose ID is
your-project-id
.
Cloud SQL Admin Command Line
Uses the
gcloud sql
command line tool in the
Google Cloud SDK
.
$ gcloud config set project your-project-id $ gcloud sql instances list
cURL
Uses cURL .
curl --header 'Authorization: Bearer accessToken' \ --header 'Content-Type: application/json' \ https://www.googleapis.com/sql/v1beta3/projects/your-project-id/instances
Get information about a Google Cloud SQL instance
The following example sends a request to
get
information about the
your-instance-name
instance in
your-project-id
project.
Cloud SQL Admin Command Line
Uses the
gcloud sql
command line tool in the
Google Cloud SDK
.
$ gcloud sql instances get your-project-id:your-instance-name
cURL
Uses cURL .
curl --header 'Authorization: Bearer accessToken' \ --header 'Content-Type: application/json' \ https://www.googleapis.com/sql/v1beta3/projects/your-project-id/instances/your-instance-name
Create a Google Cloud SQL instance
The following command sends a request to
insert
(create)
a new Google Cloud SQL D2 instance named
your-instance-name
in the
your-project-id
project.
You can
get
information about the newly
created instance and check when the instance state to see if the instance is ready to use.
Cloud SQL Admin Command Line
Uses the
gcloud sql
command line tool in the
Google Cloud SDK
.
$ gcloud config set project your-project-id $ gcloud sql instances create your-instance-name --tier D2
cURL
Uses cURL .
curl --header 'Authorization: Bearer accessToken' \ --header 'Content-Type: application/json' \ https://www.googleapis.com/sql/v1beta3/projects/your-project-id/instances \ --data '{"instance" : "your-instance-name", "project" : "your-project-id", "settings" : {"tier" : "D2"}}' -X POST
Import a database from a MySQL dump file on Google Cloud Storage into a Google Cloud SQL instance
The following commands send a request to
import
a
SQL dump file
into the
your-instance-name
instance in the
your-project-id
project.
Cloud SQL Admin Command Line
Uses the
gcloud sql
command line tool in the
Google Cloud SDK
.
$ gcloud config set project your-project-id $ gcloud sql instances import your-instance-name --uri gs://yourbucket/sqldumptoimport.gz
cURL
Uses cURL .
curl --header 'Authorization: Bearer accessToken' \ --header 'Content-Type: application/json' \ https://www.googleapis.com/sql/v1beta3/projects/your-project-id/instances/your-instance-name/import \ --data '{"importContext" : { "kind": "sql#importContext","uri": ["gs://yourbucket/sqldumptoimport"]}}' -X POST