| title | linkTitle | type | weight | description |
|---|---|---|---|---|
AlloyDB for PostgreSQL |
AlloyDB |
docs |
1 |
AlloyDB for PostgreSQL is a fully-managed, PostgreSQL-compatible database for demanding transactional workloads.
|
AlloyDB for PostgreSQL is a fully-managed, PostgreSQL-compatible database for demanding transactional workloads. It provides enterprise-grade performance and availability while maintaining 100% compatibility with open-source PostgreSQL.
If you are new to AlloyDB for PostgreSQL, you can create a free trial cluster.
By default, AlloyDB for PostgreSQL source uses the AlloyDB Go Connector to authorize and establish mTLS connections to your AlloyDB instance. The Go connector uses your Application Default Credentials (ADC) to authorize your connection to AlloyDB.
In addition to setting the ADC for your server, you need to ensure the IAM identity has been given the following IAM roles (or corresponding permissions):
roles/alloydb.clientroles/serviceusage.serviceUsageConsumer
AlloyDB supports connecting over both from external networks via the internet (public IP), and internal networks (private IP). For more information on choosing between the two options, see the AlloyDB page Connection overview.
You can configure the ipType parameter in your source configuration to
public or private to match your cluster's configuration. Regardless of which
you choose, all connections use IAM-based authorization and are encrypted with
mTLS.
This source supports both password-based authentication and IAM authentication (using your Application Default Credentials).
To connect using user/password, create
a PostgreSQL user and input your credentials in the user and
password fields.
user: ${USER_NAME}
password: ${PASSWORD}To connect using IAM authentication:
- Prepare your database instance and user following this guide.
- You could choose one of the two ways to log in:
- Specify your IAM email as the
user. - Leave your
userfield blank. Toolbox will fetch the ADC automatically and log in using the email associated with it.
- Specify your IAM email as the
- Leave the
passwordfield blank.
sources:
my-alloydb-pg-source:
kind: alloydb-postgres
project: my-project-id
region: us-central1
cluster: my-cluster
instance: my-instance
database: my_db
user: ${USER_NAME}
password: ${PASSWORD}
# ipType: "public"{{< notice tip >}} Use environment variable replacement with the format ${ENV_NAME} instead of hardcoding your secrets into the configuration file. {{< /notice >}}
| field | type | required | description |
|---|---|---|---|
| kind | string | true | Must be "alloydb-postgres". |
| project | string | true | Id of the GCP project that the cluster was created in (e.g. "my-project-id"). |
| region | string | true | Name of the GCP region that the cluster was created in (e.g. "us-central1"). |
| cluster | string | true | Name of the AlloyDB cluster (e.g. "my-cluster"). |
| instance | string | true | Name of the AlloyDB instance within the cluster (e.g. "my-instance"). |
| database | string | true | Name of the Postgres database to connect to (e.g. "my_db"). |
| user | string | false | Name of the Postgres user to connect as (e.g. "my-pg-user"). Defaults to IAM auth using ADC email if unspecified. |
| password | string | false | Password of the Postgres user (e.g. "my-password"). Defaults to attempting IAM authentication if unspecified. |
| ipType | string | false | IP Type of the AlloyDB instance; must be one of public or private. Default: public. |