View instance information

MySQL  |  PostgreSQL  |  SQL Server

This page describes how to view information about a Cloud SQL instance.

View instance summary information

You can view summary information about Cloud SQL instances by using the Google Cloud console,gcloud CLI, or the API.

Important:Cloud SQL generates a write endpoint automatically for your Cloud SQL Enterprise Plus edition instance. For more information about viewing this endpoint, seeView the write endpoint.

Console

  1. In the Google Cloud console, go to theCloud SQL Instances page.

    Go to Cloud SQL Instances

    The following information appears about Cloud SQL instances that havePrivate Service Connect enabled for them:

  2. To see the current instance state, hold the pointer over the status icon next to an instance name.

    If the instance is in aFAILED orMAINTENANCE state, then you canrecover the instance by selecting a time from the past and restoring the instance to its state at that time.

  3. To open theOverview page of an instance, click the instance name.

    In theConnect to this instance card, the following additional information appears about Cloud SQL instances with Private Service Connect enabled:

    • Private IP connectivity: the status isEnabled because the instance must have an internal IP address
    • Allowed projects: theseprojects allow connections from Private Service Connect endpoints to the instance
    • Service attachment: the service attachment of the instance
    • Public IP connectivity: the status isDisabled because external IP connections aren't supported

  4. To see connectivity information about the instance, including whether an internal or external IP address is added to the instance, any authorized networks associated with the instance, and whether other Google Cloud services, such as BigQuery, can access data in Cloud SQL and make queries against this data over an internal connection, click theConnections tab.

    For more information about this tab, seeAbout connection options.

  5. Click theNetworking tab. The following information appears about instances that have Private Service Connect enabled for them:

    • ThePrivate IP checkbox is selected, but deactivated. The instance must have an internal IP address, and this setting can't be changed.
    • The allowed projects for the instance.
    • ThePublic IP checkbox is selected, but deactivated.
    • TheAuthorized networks field is deactivated because the instance uses Private Service Connect, which doesn't support this feature.

gcloud

For information about installing and getting started with the gcloud CLI, seeInstall the gcloud CLI. For information about starting Cloud Shell, seeUse Cloud Shell.

  1. To view summary information about an instance, use thegcloud sql instances describe command:

    gcloudsqlinstancesdescribeINSTANCE_NAME\--project=PROJECT_ID

    Make the following replacements:

    Here's an example of the output for running this command:

    gcloudsqlinstancesdescribemyinstance\--project=12345...dnsName:mydnsname...pscServiceAttachmentLink:projects/myproject/regions/myregion/serviceAttachments/myserviceattachment...settings:...ipConfiguration:ipv4Enabled:falsepscConfig:allowedConsumerProjects:-projects/23456-projects/34567pscEnabled:true
  2. To view more-detailed information about instances that have Private Service Connect enabled for them, add the following parameters:
    3. SettingParameterNotes
    DNS NamednsNameTheDNS name for the instance. We recommend that you create aDNS record with this name and point it to the IP address of the Private Service Connect endpoint. We also recommend that you use this name to connect to the instance.
    Service attachmentpscServiceAttachmentLinkThe URI that points to theservice attachment of the instance. Use this URI to create the Private Service Connect endpoint.
    Allowed consumer projectsallowedConsumerProjectsA list of theallowed projects for the instance. You can create Private Service Connect endpoints from any VPC networks in these projects to the service attachment of the instance.
    Enabling Private Service ConnectpscEnabledWhether an instance has Private Service Connect enabled for it.

Note:To obtain the write endpoint for your Cloud SQL instance, use thegcloud sql instances describe command. This endpoint is the value that's associated with thepsaWriteEndpoint parameter.

Terraform

To create an instance, use aTerraform resource.

resource "google_sql_database_instance" "postgres_pvp_instance_name" {  name             = "postgres-pvp-instance-name"  region           = "asia-northeast1"  database_version = "POSTGRES_14"  root_password    = "abcABC123!"  settings {    tier = "db-custom-2-7680"    password_validation_policy {      min_length                  = 6      reuse_interval              = 2      complexity                  = "COMPLEXITY_DEFAULT"      disallow_username_substring = true      password_change_interval    = "30s"      enable_password_policy      = true    }  }  # set `deletion_protection` to true, will ensure that one cannot accidentally delete this instance by  # use of Terraform whereas `deletion_protection_enabled` flag protects this instance at the GCP level.  deletion_protection = false}

Apply the changes

To apply your Terraform configuration in a Google Cloud project, complete the steps in the following sections.

Prepare Cloud Shell

  1. LaunchCloud Shell.

  2. Set the default Google Cloud project where you want to apply your Terraform configurations.

    You only need to run this command once per project, and you can run it in any directory.

    export GOOGLE_CLOUD_PROJECT=PROJECT_ID

    Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory (alsocalled aroot module).

  1. InCloud Shell, create a directory and a new file within that directory. The filename must have the.tf extension—for examplemain.tf. In this tutorial, the file is referred to asmain.tf.
    mkdirDIRECTORY && cdDIRECTORY && touch main.tf

  2. If you are following a tutorial, you can copy the sample code in each section or step.

    Copy the sample code into the newly createdmain.tf.

    Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution.

  3. Review and modify the sample parameters to apply to your environment.
  4. Save your changes.
  5. Initialize Terraform. You only need to do this once per directory.
    terraform init

    Optionally, to use the latest Google provider version, include the-upgrade option:

    terraform init -upgrade

Apply the changes

  1. Review the configuration and verify that the resources that Terraform is going to create or update match your expectations:
    terraform plan

    Make corrections to the configuration as necessary.

  2. Apply the Terraform configuration by running the following command and enteringyes at the prompt:
    terraform apply

    Wait until Terraform displays the "Apply complete!" message.

  3. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.
Note: Terraform samples typically assume that the required APIs are enabled in your Google Cloud project.

Delete the changes

To delete your changes, do the following:

  1. To disable deletion protection, in your Terraform configuration file set thedeletion_protection argument tofalse.
    deletion_protection =  "false"
  2. Apply the updated Terraform configuration by running the following command and enteringyes at the prompt:
    terraform apply

  1. Remove resources previously applied with your Terraform configuration by running the following command and enteringyes at the prompt:

    terraform destroy

REST v1

Before using any of the request data, make the following replacements:

HTTP method and URL:

GET https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME

To send your request, expand one of these options:

curl (Linux, macOS, or Cloud Shell)

Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

Execute the following command:

curl -X GET \
     -H "Authorization: Bearer $(gcloud auth print-access-token)" \
     "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME"

PowerShell (Windows)

Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

Execute the following command:

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method GET `
    -Headers $headers `
    -Uri "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME" | Select-Object -Expand Content

You should receive a JSON response similar to the following:

{  "kind": "sql#instance",  "state": "RUNNABLE",  "databaseVersion": "POSTGRES_13",  "settings": {    "authorizedGaeApplications": [],    "tier": "db-custom-2-7680",    "kind": "sql#settings",    "availabilityType": "REGIONAL",    "pricingPlan": "PER_USE",    "replicationType": "SYNCHRONOUS",    "activationPolicy": "ALWAYS",    "ipConfiguration": {      "authorizedNetworks": [],      "pscConfig": {        "allowedConsumerProjects": [          "ALLOWED_PROJECTS"        ],        "pscEnabled": true      },      "ipv4Enabled": false    },  ...  "createTime": "2023-06-14T18:48:34.975Z",  "sqlNetworkArchitecture": "NEW_NETWORK_ARCHITECTURE",  "pscServiceAttachmentLink": "projects/PROJECT_ID/regions/REGION_NAME/serviceAttachments/SERVICE_ATTACHMENT_ID",  "dnsName": "DNS_NAME"}

The following fields exist for instances that have Private Service Connect enabled for them:

  • allowedConsumerProjects: a list of theallowed projects for the instance. You can create Private Service Connect endpoints from any VPC networks in these projects to theservice attachment of the instance.
  • pscEnabled: whether an instance has Private Service Connect enabled for it.
  • pscServiceAttachmentLink: the URI that points to the service attachment of the instance. Use this URI to create the Private Service Connect endpoint.
  • dnsName: theDNS name for the instance. We recommend that you create aDNS record with this name and point it to the IP address of the Private Service Connect endpoint. We also recommend that you use this name to connect to the instance.

To see how to construct theunderlying REST API request for this task, see theinstances:get page.

Note:To obtain the write endpoint for your Cloud SQL instance, use theinstances:get method. This endpoint is the value that's associated with thepsaWriteEndpoint parameter.

REST v1beta4

Before using any of the request data, make the following replacements:

HTTP method and URL:

GET https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME

To send your request, expand one of these options:

curl (Linux, macOS, or Cloud Shell)

Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

Execute the following command:

curl -X GET \
     -H "Authorization: Bearer $(gcloud auth print-access-token)" \
     "https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME"

PowerShell (Windows)

Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

Execute the following command:

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method GET `
    -Headers $headers `
    -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME" | Select-Object -Expand Content

You should receive a JSON response similar to the following:

{  "kind": "sql#instance",  "state": "RUNNABLE",  "databaseVersion": "POSTGRES_13",  "settings": {    "authorizedGaeApplications": [],    "tier": "db-custom-2-7680",    "kind": "sql#settings",    "availabilityType": "REGIONAL",    "pricingPlan": "PER_USE",    "replicationType": "SYNCHRONOUS",    "activationPolicy": "ALWAYS",    "ipConfiguration": {      "authorizedNetworks": [],      "pscConfig": {        "allowedConsumerProjects": [          "ALLOWED_PROJECTS"        ],        "pscEnabled": true      },      "ipv4Enabled": false    },  ...  "createTime": "2023-06-14T18:48:34.975Z",  "sqlNetworkArchitecture": "NEW_NETWORK_ARCHITECTURE",  "pscServiceAttachmentLink": "projects/PROJECT_ID/regions/REGION_NAME/serviceAttachments/SERVICE_ATTACHMENT_ID",  "dnsName": "DNS_NAME"}

The following fields exist for instances that have Private Service Connect enabled for them:

  • allowedConsumerProjects: a list of theallowed projects for the instance. You can create Private Service Connect endpoints from any VPC networks in these projects to theservice attachment of the instance.
  • pscEnabled: whether an instance has Private Service Connect enabled for it.
  • pscServiceAttachmentLink: the URI that points to the service attachment of the instance. Use this URI to create the Private Service Connect endpoint.
  • dnsName: theDNS name for the instance. We recommend that you create aDNS record with this name and point it to the IP address of the Private Service Connect endpoint. We also recommend that you use this name to connect to the instance.

Note:To obtain the write endpoint for your Cloud SQL instance, use theinstances:get method. This endpoint is the value that's associated with thepsaWriteEndpoint parameter.

You might see some banners at the top suggesting actions that you mightwant to take.

View the write endpoint

A write endpoint is a global domain name service (DNS) name that resolves to theIP address of the current primary instance automatically. This endpoint redirectsincoming connections to the new primary instance automatically in case of a replicafailover or switchoveroperation. You can use the write endpoint in a SQL connection string instead ofan IP address. By using a write endpoint, you can avoid having to makeapplication connection changes when a region outage occurs.

For more information about using a write endpoint to connect to an instance, seeConnect to an instance using a write endpoint.

Metrics

This section provides usage charts of key instance metrics that you can use tomonitor your instances. When working with metric data, keep the following factsin mind:

  • A data point for a metric is an aggregate over all databaseshosted by the instance.
  • Data is reported in local time.
  • Rendered charts don't refresh automatically; to see new data, you mustrefresh the page.
  • There is a delay of a few minutes between when metric data is recordedand the time it is displayed in the usage charts.

For more information about the metrics shown in the chart,seeMonitoring Cloud SQL instances.

For a complete list of Cloud SQL metrics provided by Cloud Monitoring,see theCloud SQL metrics list.

For more information about using Cloud Monitoring with Google Cloud,see theCloud Monitoring documentation.

Connect to this instance

In theConnect to this instance section, you can find your instance'sIP addresses, VPC network, and connection name.

To open a terminal and connect to your instance, clickConnect using Cloud Shell.

To open a related tutorial in the right pane, clickConnect from a Compute Engine VM instance.

To go toConnection options,clickSee all connection methods.

For more information about connecting to an instance, seeConnecting overview.

Service account

This section shows the instance's service account email address.

For more information, see the IAMservice accounts documentation.

Configuration

This section shows current configuration settings of the instance.

To change configuration settings, clickEdit configuration.

For more information about editing the instance configuration, seeediting an instance.

Operations and logs

This section lists recent instance operations, such as creating backups.

To see recent operations, clickView all operations.

To see logging information, clickView PostgreSQL Error Logs.

For more information about the Operations and the Logs Explorer pages, seeCloud SQL logging.

For generic information about logging, seeViewing logs andExporting logs.

Maintenance

This section shows the current maintenance update settings and schedule.

To change preferences, clickEdit maintenance preferences.

To change notification settings, clickEdit notification preferences.

For more information about maintenance in Cloud SQL, seeMaintenance overview.

What's next

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-07-16 UTC.