Skip to main content

GCP Sql Admin Instance

A GCP SQL Admin Instance represents a Cloud SQL database instance in Google Cloud Platform. It is a fully-managed relational database service that can run MySQL, PostgreSQL or SQL Server. Overmind treats each Cloud SQL instance as a discrete resource so that its configuration, connectivity and security posture can be analysed before deployment.
For full details, see the official Google documentation: https://cloud.google.com/sql/docs

Terrafrom Mappings:

  • google_sql_database_instance.name

Supported Methods​

  • GET: Get a gcp-sql-admin-instance by its "name"
  • LIST: List all gcp-sql-admin-instance
  • SEARCH

gcp-storage-bucket​

Cloud SQL can import data from or export backups to Cloud Storage buckets. Overmind links the instance to the bucket(s) referenced in import/export or automated backup settings.

gcp-sql-admin-instance​

Read-replicas, fail-over replicas or clone operations create relationships between multiple Cloud SQL instances. Overmind records these peer links so replica chains and blast-radius can be visualised.

gcp-compute-network​

When a private IP configuration is enabled, the instance is attached to a specific VPC network and subnet. This link shows what network traffic can reach the database.

ip​

Each Cloud SQL instance receives one or more public and/or private IP addresses. Overmind exposes these IP objects so they can be correlated with firewall rules and threat-intelligence feeds.

gcp-iam-service-account​

Cloud SQL runs under, and can be accessed by, IAM service accounts. Linking highlights which service accounts hold administrative privileges or are used by the Cloud SQL Auth Proxy.

dns​

Google automatically creates DNS records (e.g. [instance-name].region.sql.goog) that resolve to the instance IPs. Overmind displays these DNS names so you can trace how applications locate the database.

gcp-cloud-kms-crypto-key​

If customer-managed encryption keys (CMEK) are configured, the Cloud SQL instance is encrypted with a specific Cloud KMS crypto key. This link surfaces the key to assess key rotation and access policies.