Getting Started

Add a Database — Google Cloud SQL for PostgreSQL

Cloud SQL onboarding: authorized networks, postgres user, cloudsql.* flags for SPL extensions.

Cloud SQL is straightforward to onboard if your instance has a public IP. If it's private-only, you can't onboard via hosted mode (MonPG's fleet is in Azure, not GCP, and there's no peering). Run our agent in your GCP VPC instead.

Pre-flight

Cloud SQL PostgreSQL 13+. The postgres user password (or another cloudsqlsuperuser-level credential you've created — but postgres is what most people use). Public IP enabled.

Authorized networks

Cloud SQL → instance → Connections → Networking → Authorized networks → Add:

Name:    monpg-fleet
Network: 20.107.185.112/29

Save. The instance reloads briefly (about thirty seconds) to pick up the new ACL. SSL is required by default; MonPG's require SSL mode works without extra cert configuration.

Onboard via the UI

Setup → Google Cloud → Hosted — Auto-setup. Cloud SQL doesn't expose a default DNS name like RDS does, so the host field gets the public IP shown under Connections. Username postgres, the password you set, sslmode require.

Test, pick databases, Provision. Same DDL as the other clouds.

Extensions via cloudsql.* flags

Cloud SQL takes a different approach to SPL-bound extensions than the other managed PG products. Instead of editing shared_preload_libraries directly, you flip per-extension flags and Cloud SQL handles SPL for you. Edit instance → Flags → set whichever you need:

  • cloudsql.enable_pgaudit=on
  • cloudsql.enable_auto_explain=on
  • cloudsql.enable_pg_cron=on
  • cloudsql.enable_pg_wait_sampling=on

Each flag triggers an automatic instance restart (about a minute). After the restart, CREATE EXTENSION <name>; works.

Pure-DDL extensions (pgstattuple, hypopg, pg_buffercache) don't need a flag — plain CREATE EXTENSION works once they're shipped with your version.

The exception is hypopg: it's not available on Cloud SQL. Don't waste time looking. Index Advisor stays in heuristic-only mode for Cloud SQL customers.

Logs

For Log Insights, create a service account with roles/logging.viewer + roles/cloudsql.viewer, generate a JSON key, paste it into Settings → Servers → GCP cloud integration. Walkthrough on Log Insights GCP.

AlloyDB

AlloyDB onboarding is identical for the writer (primary). Read pool nodes are a separate endpoint and can be added as additional servers — same pattern as Aurora readers. The metrics shape is similar enough that the same dashboards work.