gcloud alpha sql users create
- NAME
- gcloud alpha sql users create - creates a user in a given instance
- SYNOPSIS
gcloud alpha sql users createUSERNAME--instance=INSTANCE,-iINSTANCE[--async][--host=HOST][--password=PASSWORD][--password-policy-allowed-failed-attempts=PASSWORD_POLICY_ALLOWED_FAILED_ATTEMPTS][--[no-]password-policy-enable-failed-attempts-check][--[no-]password-policy-enable-password-verification][--password-policy-password-expiration-duration=PASSWORD_POLICY_PASSWORD_EXPIRATION_DURATION][--type=TYPE][GCLOUD_WIDE_FLAG …]
- DESCRIPTION
(ALPHA)Creates a user in a given instance with specified username,host, type, and password.- POSITIONAL ARGUMENTS
USERNAME- Cloud SQL username.
- REQUIRED FLAGS
--instance=INSTANCE,-iINSTANCE- Cloud SQL instance ID.
- OPTIONAL FLAGS
--async- Return immediately, without waiting for the operation in progress to complete.
--host=HOST- Cloud SQL user's hostname expressed as a specific IP address or address range.
%denotes an unrestricted hostname. Applicable flag for MySQLinstances; ignored for all other engines. Note, if you connect to your instanceusing IP addresses, you must add your client IP address as an authorizedaddress, even if your hostname is unrestricted. For more information, seeConfigure IP. --password=PASSWORD- Cloud SQL user's password.
--password-policy-allowed-failed-attempts=PASSWORD_POLICY_ALLOWED_FAILED_ATTEMPTS- Number of failed login attempts allowed before a user is locked out.
--[no-]password-policy-enable-failed-attempts-check- Enables the failed login attempts check if set to true. Use
--password-policy-enable-failed-attempts-checkto enable and--no-password-policy-enable-failed-attempts-checkto disable. --[no-]password-policy-enable-password-verification- The current password must be specified when altering the password. Use
--password-policy-enable-password-verificationto enable and--no-password-policy-enable-password-verificationto disable. --password-policy-password-expiration-duration=PASSWORD_POLICY_PASSWORD_EXPIRATION_DURATION- Expiration duration after a password is updated, for example, 2d for 2 days. See
gcloud topicdatetimesfor information on duration formats. --type=TYPE- Cloud SQL user's type. It determines the method to authenticate the user duringlogin. See the list of user types athttps://cloud.google.com/sql/docs/postgres/admin-api/rest/v1beta4/SqlUserType
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$gcloud helpfor details. - NOTES
- This command is currently in alpha and might change without notice. If thiscommand fails with API permission errors despite specifying the correct project,you might be trying to access an API with an invitation-only early accessallowlist. These variants are also available:
gcloudsqluserscreategcloudbetasqluserscreate
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-09-16 UTC.