File: //snap/google-cloud-cli/current/help/man/man1/gcloud_sql_instances_patch.1
.TH "GCLOUD_SQL_INSTANCES_PATCH" 1
.SH "NAME"
.HP
gcloud sql instances patch \- updates the settings of a Cloud SQL instance
.SH "SYNOPSIS"
.HP
\f5gcloud sql instances patch\fR \fIINSTANCE\fR [\fB\-\-activation\-policy\fR=\fIACTIVATION_POLICY\fR] [\fB\-\-active\-directory\-dns\-servers\fR=[\fIDNS_SERVER_IP_ADDRESS\fR,...]] [\fB\-\-active\-directory\-domain\fR=\fIACTIVE_DIRECTORY_DOMAIN\fR] [\fB\-\-active\-directory\-mode\fR=\fIACTIVE_DIRECTORY_MODE\fR] [\fB\-\-active\-directory\-organizational\-unit\fR=\fIACTIVE_DIRECTORY_ORGANIZATIONAL_UNIT\fR] [\fB\-\-active\-directory\-secret\-manager\-key\fR=\fIACTIVE_DIRECTORY_SECRET_MANAGER_KEY\fR] [\fB\-\-[no\-]assign\-ip\fR] [\fB\-\-async\fR] [\fB\-\-audit\-bucket\-path\fR=\fIAUDIT_BUCKET_PATH\fR] [\fB\-\-audit\-retention\-interval\fR=\fIAUDIT_RETENTION_INTERVAL\fR] [\fB\-\-audit\-upload\-interval\fR=\fIAUDIT_UPLOAD_INTERVAL\fR] [\fB\-\-availability\-type\fR=\fIAVAILABILITY_TYPE\fR] [\fB\-\-clear\-active\-directory\fR] [\fB\-\-clear\-active\-directory\-dns\-servers\fR] [\fB\-\-clear\-failover\-dr\-replica\-name\fR] [\fB\-\-clear\-password\-policy\fR] [\fB\-\-connector\-enforcement\fR=\fICONNECTOR_ENFORCEMENT\fR] [\fB\-\-cpu\fR=\fICPU\fR] [\fB\-\-database\-version\fR=\fIDATABASE_VERSION\fR] [\fB\-\-[no\-]deletion\-protection\fR] [\fB\-\-deny\-maintenance\-period\-end\-date\fR=\fIDENY_MAINTENANCE_PERIOD_END_DATE\fR] [\fB\-\-deny\-maintenance\-period\-start\-date\fR=\fIDENY_MAINTENANCE_PERIOD_START_DATE\fR] [\fB\-\-deny\-maintenance\-period\-time\fR=\fIDENY_MAINTENANCE_PERIOD_TIME\fR] [\fB\-\-diff\fR] [\fB\-\-edition\fR=\fIEDITION\fR] [\fB\-\-enable\-auto\-upgrade\-minor\-version\fR] [\fB\-\-[no\-]enable\-bin\-log\fR] [\fB\-\-[no\-]enable\-connection\-pooling\fR] [\fB\-\-[no\-]enable\-data\-cache\fR] [\fB\-\-[no\-]enable\-database\-replication\fR] [\fB\-\-[no\-]enable\-dataplex\-integration\fR] [\fB\-\-[no\-]enable\-google\-ml\-integration\fR] [\fB\-\-[no\-]enable\-google\-private\-path\fR] [\fB\-\-enable\-password\-policy\fR] [\fB\-\-enable\-point\-in\-time\-recovery\fR] [\fB\-\-[no\-]enable\-private\-service\-connect\fR] [\fB\-\-enforce\-new\-sql\-network\-architecture\fR] [\fB\-\-failover\-dr\-replica\-name\fR=\fIFAILOVER_DR_REPLICA_NAME\fR] [\fB\-\-[no\-]final\-backup\fR] [\fB\-\-final\-backup\-retention\-days\fR=\fIFINAL_BACKUP_RETENTION_DAYS\fR] [\fB\-\-follow\-gae\-app\fR=\fIFOLLOW_GAE_APP\fR] [\fB\-\-[no\-]include\-replicas\-for\-major\-version\-upgrade\fR] [\fB\-\-[no\-]insights\-config\-query\-insights\-enabled\fR] [\fB\-\-insights\-config\-query\-plans\-per\-minute\fR=\fIINSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE\fR] [\fB\-\-insights\-config\-query\-string\-length\fR=\fIINSIGHTS_CONFIG_QUERY_STRING_LENGTH\fR] [\fB\-\-[no\-]insights\-config\-record\-application\-tags\fR] [\fB\-\-[no\-]insights\-config\-record\-client\-address\fR] [\fB\-\-instance\-type\fR=\fIINSTANCE_TYPE\fR] [\fB\-\-maintenance\-release\-channel\fR=\fIMAINTENANCE_RELEASE_CHANNEL\fR] [\fB\-\-maintenance\-version\fR=\fIMAINTENANCE_VERSION\fR] [\fB\-\-maintenance\-window\-any\fR] [\fB\-\-maintenance\-window\-day\fR=\fIMAINTENANCE_WINDOW_DAY\fR] [\fB\-\-maintenance\-window\-hour\fR=\fIMAINTENANCE_WINDOW_HOUR\fR] [\fB\-\-memory\fR=\fIMEMORY\fR] [\fB\-\-network\fR=\fINETWORK\fR] [\fB\-\-node\-count\fR=\fINODE_COUNT\fR] [\fB\-\-password\-policy\-complexity\fR=\fIPASSWORD_POLICY_COMPLEXITY\fR] [\fB\-\-[no\-]password\-policy\-disallow\-username\-substring\fR] [\fB\-\-password\-policy\-min\-length\fR=\fIPASSWORD_POLICY_MIN_LENGTH\fR] [\fB\-\-password\-policy\-password\-change\-interval\fR=\fIPASSWORD_POLICY_PASSWORD_CHANGE_INTERVAL\fR] [\fB\-\-password\-policy\-reuse\-interval\fR=\fIPASSWORD_POLICY_REUSE_INTERVAL\fR] [\fB\-\-pricing\-plan\fR=\fIPRICING_PLAN\fR,\ \fB\-p\fR\ \fIPRICING_PLAN\fR] [\fB\-\-[no\-]recreate\-replicas\-on\-primary\-crash\fR] [\fB\-\-remove\-deny\-maintenance\-period\fR] [\fB\-\-replication\fR=\fIREPLICATION\fR] [\fB\-\-[no\-]require\-ssl\fR] [\fB\-\-[no\-]retain\-backups\-on\-delete\fR] [\fB\-\-server\-ca\-mode\fR=\fISERVER_CA_MODE\fR] [\fB\-\-server\-ca\-pool\fR=\fISERVER_CA_POOL\fR] [\fB\-\-simulate\-maintenance\-event\fR] [\fB\-\-ssl\-mode\fR=\fISSL_MODE\fR] [\fB\-\-[no\-]storage\-auto\-increase\fR] [\fB\-\-storage\-provisioned\-iops\fR=\fISTORAGE_PROVISIONED_IOPS\fR] [\fB\-\-storage\-provisioned\-throughput\fR=\fISTORAGE_PROVISIONED_THROUGHPUT\fR] [\fB\-\-storage\-size\fR=\fISTORAGE_SIZE\fR] [\fB\-\-switch\-transaction\-logs\-to\-cloud\-storage\fR] [\fB\-\-threads\-per\-core\fR=\fITHREADS_PER_CORE\fR] [\fB\-\-tier\fR=\fITIER\fR,\ \fB\-t\fR\ \fITIER\fR] [\fB\-\-time\-zone\fR=\fITIME_ZONE\fR] [\fB\-\-upgrade\-sql\-network\-architecture\fR] [\fB\-\-allowed\-psc\-projects\fR=\fIPROJECT\fR,[\fIPROJECT\fR,...]\ |\ \fB\-\-clear\-allowed\-psc\-projects\fR] [\fB\-\-authorized\-gae\-apps\fR=\fIAPP\fR,[\fIAPP\fR,...]\ |\ \fB\-\-clear\-gae\-apps\fR] [\fB\-\-authorized\-networks\fR=\fINETWORK\fR,[\fINETWORK\fR,...]\ |\ \fB\-\-clear\-authorized\-networks\fR] [\fB\-\-clear\-connection\-pool\-flags\fR\ |\ \fB\-\-connection\-pool\-flags\fR=\fIFLAG\fR=\fIVALUE\fR,[\fIFLAG\fR=\fIVALUE\fR,...]] [\fB\-\-clear\-custom\-subject\-alternative\-names\fR\ |\ \fB\-\-custom\-subject\-alternative\-names\fR=\fIDNS\fR,[\fIDNS\fR,[\fIDNS\fR]]] [\fB\-\-clear\-database\-flags\fR\ |\ \fB\-\-database\-flags\fR=\fIFLAG\fR=\fIVALUE\fR,[\fIFLAG\fR=\fIVALUE\fR,...]] [\fB\-\-clear\-psc\-auto\-connections\fR\ |\ \fB\-\-psc\-auto\-connections\fR=[\fInetwork\fR=\fINETWORK\fR],[\fIproject\fR=\fIPROJECT\fR]] [\fB\-\-clear\-psc\-network\-attachment\-uri\fR\ |\ \fB\-\-psc\-network\-attachment\-uri\fR=\fIPSC_NETWORK_ATTACHMENT_URI\fR] [\fB\-\-gce\-zone\fR=\fIGCE_ZONE\fR\ |\ \fB\-\-secondary\-zone\fR=\fISECONDARY_ZONE\fR\ \fB\-\-zone\fR=\fIZONE\fR] [\fB\-\-[no\-]auto\-scale\-disable\-scale\-in\fR\ \fB\-\-[no\-]auto\-scale\-enabled\fR\ \fB\-\-auto\-scale\-in\-cooldown\-seconds\fR=\fIAUTO_SCALE_IN_COOLDOWN_SECONDS\fR\ \fB\-\-auto\-scale\-max\-node\-count\fR=\fIAUTO_SCALE_MAX_NODE_COUNT\fR\ \fB\-\-auto\-scale\-min\-node\-count\fR=\fIAUTO_SCALE_MIN_NODE_COUNT\fR\ \fB\-\-auto\-scale\-out\-cooldown\-seconds\fR=\fIAUTO_SCALE_OUT_COOLDOWN_SECONDS\fR\ \fB\-\-auto\-scale\-target\-metrics\fR=[\fIMETRIC\fR=\fIVALUE\fR,...]] [\fB\-\-no\-backup\fR\ |\ \fB\-\-backup\-location\fR=\fIBACKUP_LOCATION\fR\ \fB\-\-backup\-start\-time\fR=\fIBACKUP_START_TIME\fR\ \fB\-\-retained\-backups\-count\fR=\fIRETAINED_BACKUPS_COUNT\fR\ \fB\-\-retained\-transaction\-log\-days\fR=\fIRETAINED_TRANSACTION_LOG_DAYS\fR] [\fIGCLOUD_WIDE_FLAG\ ...\fR]
.SH "DESCRIPTION"
Updates the settings of a Cloud SQL instance.
.SH "POSITIONAL ARGUMENTS"
.RS 2m
.TP 2m
\fIINSTANCE\fR
Cloud SQL instance ID.
.RE
.sp
.SH "FLAGS"
.RS 2m
.TP 2m
\fB\-\-activation\-policy\fR=\fIACTIVATION_POLICY\fR
Activation policy for this instance. This specifies when the instance should be
activated and is applicable only when the instance state is \f5RUNNABLE\fR. The
default is \f5always\fR. More information on activation policies can be found
here:
https://cloud.google.com/sql/docs/mysql/start\-stop\-restart\-instance#activation_policy.
\fIACTIVATION_POLICY\fR must be one of: \fBalways\fR, \fBnever\fR.
.TP 2m
\fB\-\-active\-directory\-dns\-servers\fR=[\fIDNS_SERVER_IP_ADDRESS\fR,...]
A comma\-separated list of the DNS servers to be used for Active Directory. Only
available for SQL Server instances. E.g: 10.0.0.1,10.0.0.2
.TP 2m
\fB\-\-active\-directory\-domain\fR=\fIACTIVE_DIRECTORY_DOMAIN\fR
Managed Service for Microsoft Active Directory domain this instance is joined
to. Only available for SQL Server instances.
.TP 2m
\fB\-\-active\-directory\-mode\fR=\fIACTIVE_DIRECTORY_MODE\fR
Defines the Active Directory mode. Only available for SQL Server instances.
\fIACTIVE_DIRECTORY_MODE\fR must be one of: \fBMANAGED_ACTIVE_DIRECTORY\fR,
\fBCUSTOMER_MANAGED_ACTIVE_DIRECTORY\fR.
.TP 2m
\fB\-\-active\-directory\-organizational\-unit\fR=\fIACTIVE_DIRECTORY_ORGANIZATIONAL_UNIT\fR
Defines the organizational unit to be used for Active Directory. Only available
for SQL Server instances. E.g: OU=Cloud,DC=ad,DC=example,DC=com
.TP 2m
\fB\-\-active\-directory\-secret\-manager\-key\fR=\fIACTIVE_DIRECTORY_SECRET_MANAGER_KEY\fR
The secret manager key storing administrator credentials. Only available for SQL
Server instances.
.TP 2m
\fB\-\-[no\-]assign\-ip\fR
Assign a public IP address to the instance. This is a public, externally
available IPv4 address that you can use to connect to your instance when
properly authorized. Use \fB\-\-assign\-ip\fR to enable and
\fB\-\-no\-assign\-ip\fR to disable.
.TP 2m
\fB\-\-async\fR
Return immediately, without waiting for the operation in progress to complete.
.TP 2m
\fB\-\-audit\-bucket\-path\fR=\fIAUDIT_BUCKET_PATH\fR
The location, as a Cloud Storage bucket, to which audit files are uploaded. The
URI is in the form gs://bucketName/folderName. Only available for SQL Server
instances.
.TP 2m
\fB\-\-audit\-retention\-interval\fR=\fIAUDIT_RETENTION_INTERVAL\fR
The number of days for audit log retention on disk, for example, 3dfor 3 days.
Only available for SQL Server instances.
.TP 2m
\fB\-\-audit\-upload\-interval\fR=\fIAUDIT_UPLOAD_INTERVAL\fR
How often to upload audit logs (audit files), for example, 30mfor 30 minutes.
Only available for SQL Server instances.
.TP 2m
\fB\-\-availability\-type\fR=\fIAVAILABILITY_TYPE\fR
Specifies level of availability. \fIAVAILABILITY_TYPE\fR must be one of:
.RS 2m
.TP 2m
\fBregional\fR
Provides high availability and is recommended for production instances; instance
automatically fails over to another zone within your selected region.
.TP 2m
\fBzonal\fR
Provides no failover capability. This is the default.
.RE
.sp
.TP 2m
\fB\-\-clear\-active\-directory\fR
Clears the Active Directory configuration.
.TP 2m
\fB\-\-clear\-active\-directory\-dns\-servers\fR
Removes the list of DNS Servers from the Active Directory Config.
.TP 2m
\fB\-\-clear\-failover\-dr\-replica\-name\fR
Clear the DR replica setting for the primary instance. Flag is only available
for MySQL and PostgreSQL database instances.
.TP 2m
\fB\-\-clear\-password\-policy\fR
Clear the existing password policy. This flag is only available for Postgres.
.TP 2m
\fB\-\-connector\-enforcement\fR=\fICONNECTOR_ENFORCEMENT\fR
Cloud SQL Connector enforcement mode. It determines how Cloud SQL Connectors are
used in the connection. See the list of modes here
(https://cloud.google.com/sql/docs/mysql/admin\-api/rest/v1beta4/instances#connectorenforcement).
\fICONNECTOR_ENFORCEMENT\fR must be one of:
.RS 2m
.TP 2m
\fBCONNECTOR_ENFORCEMENT_UNSPECIFIED\fR
The requirement for Cloud SQL connectors is unknown.
.TP 2m
\fBNOT_REQUIRED\fR
Does not require Cloud SQL connectors.
.TP 2m
\fBREQUIRED\fR
Requires all connections to use Cloud SQL connectors, including the Cloud SQL
Auth Proxy and Cloud SQL Java, Python, and Go connectors. Note: This disables
all existing authorized networks.
.RE
.sp
.TP 2m
\fB\-\-cpu\fR=\fICPU\fR
Whole number value indicating how many cores are desired in the machine. Both
\-\-cpu and \-\-memory must be specified if a custom machine type is desired,
and the \-\-tier flag must be omitted.\-\-cpu and \-\-memory flags are not
compatible with the Enterprise Plus edition. These flags should not be used when
creating an Enterprise Plus edition, as the machine configuration is determined
by the \-\-tier flag instead.
.TP 2m
\fB\-\-database\-version\fR=\fIDATABASE_VERSION\fR
The database engine type and versions. If left unspecified, no changes occur.
See the list of database versions at
https://cloud.google.com/sql/docs/mysql/admin\-api/rest/v1beta4/SqlDatabaseVersion.
Apart from listed major versions, DATABASE_VERSION also accepts supported minor
versions. \fIDATABASE_VERSION\fR must be one of: \fBMYSQL_5_6\fR,
\fBMYSQL_5_7\fR, \fBMYSQL_8_0\fR, \fBMYSQL_8_4\fR, \fBPOSTGRES_9_6\fR,
\fBPOSTGRES_10\fR, \fBPOSTGRES_11\fR, \fBPOSTGRES_12\fR, \fBPOSTGRES_13\fR,
\fBPOSTGRES_14\fR, \fBPOSTGRES_15\fR, \fBPOSTGRES_16\fR, \fBPOSTGRES_17\fR,
\fBPOSTGRES_18\fR, \fBSQLSERVER_2017_EXPRESS\fR, \fBSQLSERVER_2017_WEB\fR,
\fBSQLSERVER_2017_STANDARD\fR, \fBSQLSERVER_2017_ENTERPRISE\fR,
\fBSQLSERVER_2019_EXPRESS\fR, \fBSQLSERVER_2019_WEB\fR,
\fBSQLSERVER_2019_STANDARD\fR, \fBSQLSERVER_2019_ENTERPRISE\fR,
\fBSQLSERVER_2022_EXPRESS\fR, \fBSQLSERVER_2022_WEB\fR,
\fBSQLSERVER_2022_STANDARD\fR, \fBSQLSERVER_2022_ENTERPRISE\fR.
.TP 2m
\fB\-\-[no\-]deletion\-protection\fR
Enable deletion protection on a Cloud SQL instance. Use
\fB\-\-deletion\-protection\fR to enable and \fB\-\-no\-deletion\-protection\fR
to disable.
.TP 2m
\fB\-\-deny\-maintenance\-period\-end\-date\fR=\fIDENY_MAINTENANCE_PERIOD_END_DATE\fR
Date when the deny maintenance period ends, that is \f5\fI2021\-01\-10\fR\fR.
.TP 2m
\fB\-\-deny\-maintenance\-period\-start\-date\fR=\fIDENY_MAINTENANCE_PERIOD_START_DATE\fR
Date when the deny maintenance period begins, that is \f5\fI2020\-11\-01\fR\fR.
.TP 2m
\fB\-\-deny\-maintenance\-period\-time\fR=\fIDENY_MAINTENANCE_PERIOD_TIME\fR
Time when the deny maintenance period starts or ends, that is
\f5\fI05:00:00\fR\fR.
.TP 2m
\fB\-\-diff\fR
Show what changed as a result of the update.
.TP 2m
\fB\-\-edition\fR=\fIEDITION\fR
Specifies the edition of Cloud SQL instance. \fIEDITION\fR must be one of:
\fBenterprise\fR, \fBenterprise\-plus\fR.
.TP 2m
\fB\-\-enable\-auto\-upgrade\-minor\-version\fR
Enables auto\-upgrade for MySQL 8.0 minor versions. The MySQL version must be
8.0.35 or higher.
.TP 2m
\fB\-\-[no\-]enable\-bin\-log\fR
Allows for data recovery from a specific point in time, down to a fraction of a
second. Must have automatic backups enabled to use. Make sure storage can
support at least 7 days of logs. Use \fB\-\-enable\-bin\-log\fR to enable and
\fB\-\-no\-enable\-bin\-log\fR to disable.
.TP 2m
\fB\-\-[no\-]enable\-connection\-pooling\fR
Enable connection pooling for the instance. Use
\fB\-\-enable\-connection\-pooling\fR to enable and
\fB\-\-no\-enable\-connection\-pooling\fR to disable.
.TP 2m
\fB\-\-[no\-]enable\-data\-cache\fR
Enable use of data cache for accelerated read performance. This flag is only
available for Enterprise_Plus edition instances. Use
\fB\-\-enable\-data\-cache\fR to enable and \fB\-\-no\-enable\-data\-cache\fR to
disable.
.TP 2m
\fB\-\-[no\-]enable\-database\-replication\fR
Enable database replication. Applicable only for read replica instance(s).
WARNING: Instance will be restarted. Use \fB\-\-enable\-database\-replication\fR
to enable and \fB\-\-no\-enable\-database\-replication\fR to disable.
.TP 2m
\fB\-\-[no\-]enable\-dataplex\-integration\fR
Enable Dataplex integration for Google Cloud SQL. Use
\fB\-\-enable\-dataplex\-integration\fR to enable and
\fB\-\-no\-enable\-dataplex\-integration\fR to disable.
.TP 2m
\fB\-\-[no\-]enable\-google\-ml\-integration\fR
Enable Vertex AI integration for Google Cloud SQL. You can integrate Vertex AI
with Cloud SQL for MySQL and Cloud SQL for PostgreSQL instances only. Use
\fB\-\-enable\-google\-ml\-integration\fR to enable and
\fB\-\-no\-enable\-google\-ml\-integration\fR to disable.
.TP 2m
\fB\-\-[no\-]enable\-google\-private\-path\fR
Enable a private path for Google Cloud services. This flag specifies whether the
instance is accessible to internal Google Cloud services such as BigQuery. This
is only applicable to MySQL and PostgreSQL instances that don't use public IP.
Currently, SQL Server isn't supported. Use
\fB\-\-enable\-google\-private\-path\fR to enable and
\fB\-\-no\-enable\-google\-private\-path\fR to disable.
.TP 2m
\fB\-\-enable\-password\-policy\fR
Enable the password policy, which enforces user password management with the
policies configured for the instance. This flag is only available for Postgres.
.TP 2m
\fB\-\-enable\-point\-in\-time\-recovery\fR
Allows for data recovery from a specific point in time, down to a fraction of a
second, via write\-ahead logs. Must have automatic backups enabled to use. Make
sure storage can support at least 7 days of logs.
.TP 2m
\fB\-\-[no\-]enable\-private\-service\-connect\fR
Enable connecting to the Cloud SQL instance with Private Service Connect. Use
\fB\-\-enable\-private\-service\-connect\fR to enable and
\fB\-\-no\-enable\-private\-service\-connect\fR to disable.
.TP 2m
\fB\-\-enforce\-new\-sql\-network\-architecture\fR
Force the instance to use the new network architecture.
.TP 2m
\fB\-\-failover\-dr\-replica\-name\fR=\fIFAILOVER_DR_REPLICA_NAME\fR
Set a Disaster Recovery (DR) replica with the specified name for the primary
instance. This must be one of the existing cross region replicas of the primary
instance. Flag is only available for MySQL and PostgreSQL database instances.
.TP 2m
\fB\-\-[no\-]final\-backup\fR
Enables the final backup to be taken at the time of instance deletion. Use
\fB\-\-final\-backup\fR to enable and \fB\-\-no\-final\-backup\fR to disable.
.TP 2m
\fB\-\-final\-backup\-retention\-days\fR=\fIFINAL_BACKUP_RETENTION_DAYS\fR
Specifies number of days to retain final backup. The valid range is between 1
and 365. For instances managed by BackupDR, the valid range is between 1 day and
99 years. Default value is 30 days.
.TP 2m
\fB\-\-follow\-gae\-app\fR=\fIFOLLOW_GAE_APP\fR
First Generation instances only. The App Engine app this instance should follow.
It must be in the same region as the instance. WARNING: Instance may be
restarted.
.TP 2m
\fB\-\-[no\-]include\-replicas\-for\-major\-version\-upgrade\fR
Enable the major version upgrade of replicas when the in\-place major version
upgrade of a primary instance is initated with \f5\-\-database\-version\fR. Use
\f5\-\-include\-replicas\-for\-major\-version\-upgrade\fR to enable and
\f5\-\-no\-include\-replicas\-for\-major\-\-version\-upgrade\fR to disable. Use
\fB\-\-include\-replicas\-for\-major\-version\-upgrade\fR to enable and
\fB\-\-no\-include\-replicas\-for\-major\-version\-upgrade\fR to disable.
.TP 2m
\fB\-\-[no\-]insights\-config\-query\-insights\-enabled\fR
Enable query insights feature to provide query and query plan analytics.
Use \fB\-\-insights\-config\-query\-insights\-enabled\fR to enable and
\fB\-\-no\-insights\-config\-query\-insights\-enabled\fR to disable.
.TP 2m
\fB\-\-insights\-config\-query\-plans\-per\-minute\fR=\fIINSIGHTS_CONFIG_QUERY_PLANS_PER_MINUTE\fR
Number of query plans to sample every minute. Default value is 5. Allowed range:
0 to 20.
.TP 2m
\fB\-\-insights\-config\-query\-string\-length\fR=\fIINSIGHTS_CONFIG_QUERY_STRING_LENGTH\fR
Sets the default query length limit. For Cloud SQL Enterprise edition, the range
is from 256 to 4500 (in bytes) and the default query length is 1024 bytes. For
Cloud SQL Enterprise Plus edition, the range is from 1024 to 100,000 (in bytes)
and the default query length is 10,000 bytes.
.TP 2m
\fB\-\-[no\-]insights\-config\-record\-application\-tags\fR
Allow application tags to be recorded by the query insights feature.
Use \fB\-\-insights\-config\-record\-application\-tags\fR to enable and
\fB\-\-no\-insights\-config\-record\-application\-tags\fR to disable.
.TP 2m
\fB\-\-[no\-]insights\-config\-record\-client\-address\fR
Allow the client address to be recorded by the query insights feature.
Use \fB\-\-insights\-config\-record\-client\-address\fR to enable and
\fB\-\-no\-insights\-config\-record\-client\-address\fR to disable.
.TP 2m
\fB\-\-instance\-type\fR=\fIINSTANCE_TYPE\fR
The type of the instance. \fIINSTANCE_TYPE\fR must be one of:
.RS 2m
.TP 2m
\fBCLOUD_SQL_INSTANCE\fR
A primary instance.
.TP 2m
\fBREAD_POOL_INSTANCE\fR
A read pool instance.
.TP 2m
\fBREAD_REPLICA_INSTANCE\fR
A read replica instance.
.RE
.sp
.TP 2m
\fB\-\-maintenance\-release\-channel\fR=\fIMAINTENANCE_RELEASE_CHANNEL\fR
Which channel's updates to apply during the maintenance window. If not
specified, Cloud SQL chooses the timing of updates to your instance.
\fIMAINTENANCE_RELEASE_CHANNEL\fR must be one of:
.RS 2m
.TP 2m
\fBpreview\fR
Preview updates release prior to production updates. You may wish to use the
preview channel for dev/test applications so that you can preview their
compatibility with your application prior to the production release.
.TP 2m
\fBproduction\fR
Production updates are stable and recommended for applications in production.
.TP 2m
\fBweek5\fR
week5 updates release after the production updates. Use the week5 channel to
receive a 5 week advance notification about the upcoming maintenance, so you can
prepare your application for the release.
.RE
.sp
.TP 2m
\fB\-\-maintenance\-version\fR=\fIMAINTENANCE_VERSION\fR
The desired maintenance version of the instance.
.TP 2m
\fB\-\-maintenance\-window\-any\fR
Removes the user\-specified maintenance window.
.TP 2m
\fB\-\-maintenance\-window\-day\fR=\fIMAINTENANCE_WINDOW_DAY\fR
Day of week for maintenance window, in UTC time zone.
\fIMAINTENANCE_WINDOW_DAY\fR must be one of: \fBSUN\fR, \fBMON\fR, \fBTUE\fR,
\fBWED\fR, \fBTHU\fR, \fBFRI\fR, \fBSAT\fR.
.TP 2m
\fB\-\-maintenance\-window\-hour\fR=\fIMAINTENANCE_WINDOW_HOUR\fR
Hour of day for maintenance window, in UTC time zone.
.TP 2m
\fB\-\-memory\fR=\fIMEMORY\fR
Whole number value indicating how much memory is desired in the machine. A size
unit should be provided (eg. 3072MiB or 9GiB) \- if no units are specified, GiB
is assumed. Both \-\-cpu and \-\-memory must be specified if a custom machine
type is desired, and the \-\-tier flag must be omitted. \-\-cpu and \-\-memory
flags are not compatible with the Enterprise Plus edition. These flags should
not be used when creating an Enterprise Plus edition, as the machine
configuration is determined by the \-\-tier flag instead.
.TP 2m
\fB\-\-network\fR=\fINETWORK\fR
Network in the current project that the instance will be part of. To specify
using a network with a shared VPC, use the full URL of the network. For an
example host project, 'testproject', and shared network, 'testsharednetwork',
this would use the form:
\f5\-\-network\fR=\f5projects/testproject/global/networks/testsharednetwork\fR
.TP 2m
\fB\-\-node\-count\fR=\fINODE_COUNT\fR
The number of nodes in the pool. This option is only available for read pools.
.TP 2m
\fB\-\-password\-policy\-complexity\fR=\fIPASSWORD_POLICY_COMPLEXITY\fR
The complexity of the password. This flag is available only for PostgreSQL.
\fIPASSWORD_POLICY_COMPLEXITY\fR must be one of:
.RS 2m
.TP 2m
\fBCOMPLEXITY_DEFAULT\fR
A combination of lowercase, uppercase, numeric, and non\-alphanumeric
characters.
.TP 2m
\fBCOMPLEXITY_UNSPECIFIED\fR
The default value if COMPLEXITY_DEFAULT is not specified. It implies that
complexity check is not enabled.
.RE
.sp
.TP 2m
\fB\-\-[no\-]password\-policy\-disallow\-username\-substring\fR
Disallow username as a part of the password. Use
\fB\-\-password\-policy\-disallow\-username\-substring\fR to enable and
\fB\-\-no\-password\-policy\-disallow\-username\-substring\fR to disable.
.TP 2m
\fB\-\-password\-policy\-min\-length\fR=\fIPASSWORD_POLICY_MIN_LENGTH\fR
Minimum number of characters allowed in the password.
.TP 2m
\fB\-\-password\-policy\-password\-change\-interval\fR=\fIPASSWORD_POLICY_PASSWORD_CHANGE_INTERVAL\fR
Minimum interval after which the password can be changed, for example, 2m for 2
minutes. See <a href="/sdk/gcloud/reference/topic/datetimes"> $ gcloud topic
datetimes</a> for information on duration formats. This flag is available only
for PostgreSQL.
.TP 2m
\fB\-\-password\-policy\-reuse\-interval\fR=\fIPASSWORD_POLICY_REUSE_INTERVAL\fR
Number of previous passwords that cannot be reused. The valid range is 0 to 100.
.TP 2m
\fB\-\-pricing\-plan\fR=\fIPRICING_PLAN\fR, \fB\-p\fR \fIPRICING_PLAN\fR
First Generation instances only. The pricing plan for this instance.
\fIPRICING_PLAN\fR must be one of: \fBPER_USE\fR, \fBPACKAGE\fR.
.TP 2m
\fB\-\-[no\-]recreate\-replicas\-on\-primary\-crash\fR
Allow/Disallow replica recreation when a primary MySQL instance operating in
reduced durability mode crashes. Not recreating the replicas might lead to data
inconsistencies between the primary and its replicas. This setting is only
applicable for MySQL instances and is enabled by default. Use
\fB\-\-recreate\-replicas\-on\-primary\-crash\fR to enable and
\fB\-\-no\-recreate\-replicas\-on\-primary\-crash\fR to disable.
.TP 2m
\fB\-\-remove\-deny\-maintenance\-period\fR
Removes the user\-specified deny maintenance period.
.TP 2m
\fB\-\-replication\fR=\fIREPLICATION\fR
Type of replication this instance uses. The default is synchronous.
\fIREPLICATION\fR must be one of: \fBsynchronous\fR, \fBasynchronous\fR.
.TP 2m
\fB\-\-[no\-]require\-ssl\fR
mysqld should default to 'REQUIRE X509' for users connecting over IP. Use
\fB\-\-require\-ssl\fR to enable and \fB\-\-no\-require\-ssl\fR to disable.
.TP 2m
\fB\-\-[no\-]retain\-backups\-on\-delete\fR
Retain automated/ondemand backups of the instance after the instance is deleted.
Use \fB\-\-retain\-backups\-on\-delete\fR to enable and
\fB\-\-no\-retain\-backups\-on\-delete\fR to disable.
.TP 2m
\fB\-\-server\-ca\-mode\fR=\fISERVER_CA_MODE\fR
Set the server CA mode of the instance. \fISERVER_CA_MODE\fR must be one of:
.RS 2m
.TP 2m
\fBCUSTOMER_MANAGED_CAS_CA\fR
Customer\-managed CA hosted on Google Cloud's Certificate Authority Service
(CAS).
.TP 2m
\fBGOOGLE_MANAGED_CAS_CA\fR
Google\-managed regional CA part of root CA hierarchy hosted on Google Cloud's
Certificate Authority Service (CAS).
.TP 2m
\fBGOOGLE_MANAGED_INTERNAL_CA\fR
Google\-managed self\-signed internal CA.
.RE
.sp
.TP 2m
\fB\-\-server\-ca\-pool\fR=\fISERVER_CA_POOL\fR
Set the server CA pool of the instance.
.TP 2m
\fB\-\-simulate\-maintenance\-event\fR
Simulate a maintenance event without changing the version. Only applicable to
instances that support near\-zero downtime planned maintenance.
.TP 2m
\fB\-\-ssl\-mode\fR=\fISSL_MODE\fR
Set the SSL mode of the instance. \fISSL_MODE\fR must be one of:
.RS 2m
.TP 2m
\fBALLOW_UNENCRYPTED_AND_ENCRYPTED\fR
Allow non\-SSL and SSL connections. For SSL connections, client certificate will
not be verified.
.TP 2m
\fBENCRYPTED_ONLY\fR
Only allow connections encrypted with SSL/TLS.
.TP 2m
\fBTRUSTED_CLIENT_CERTIFICATE_REQUIRED\fR
Only allow connections encrypted with SSL/TLS and with valid client
certificates.
.RE
.sp
.TP 2m
\fB\-\-[no\-]storage\-auto\-increase\fR
Storage size can be increased, but it cannot be decreased; storage increases are
permanent for the life of the instance. With this setting enabled, a spike in
storage requirements can result in permanently increased storage costs for your
instance. However, if an instance runs out of available space, it can result in
the instance going offline, dropping existing connections. This setting is
enabled by default. Use \fB\-\-storage\-auto\-increase\fR to enable and
\fB\-\-no\-storage\-auto\-increase\fR to disable.
.TP 2m
\fB\-\-storage\-provisioned\-iops\fR=\fISTORAGE_PROVISIONED_IOPS\fR
Indicates how many IOPS to provision for the data disk. This sets the number of
I/O operations per second that the disk can handle.
.TP 2m
\fB\-\-storage\-provisioned\-throughput\fR=\fISTORAGE_PROVISIONED_THROUGHPUT\fR
Indicates how much throughput to provision for the data disk. This sets the
throughput in MB per second that the disk can handle.
.TP 2m
\fB\-\-storage\-size\fR=\fISTORAGE_SIZE\fR
Amount of storage allocated to the instance. Must be an integer number of GB.
The default is 10GB. Information on storage limits can be found here:
https://cloud.google.com/sql/docs/quotas#storage_limits
.TP 2m
\fB\-\-switch\-transaction\-logs\-to\-cloud\-storage\fR
Switches the location of the transaction logs used for PITR from disk to Cloud
Storage.
.TP 2m
\fB\-\-threads\-per\-core\fR=\fITHREADS_PER_CORE\fR
The number of threads per core. The value of this flag can be 1 or 2. To disable
SMT, set this flag to 1. Only available in Cloud SQL for SQL Server instances.
.TP 2m
\fB\-\-tier\fR=\fITIER\fR, \fB\-t\fR \fITIER\fR
Machine type for a shared\-core instance e.g. \f5\fIdb\-g1\-small\fR\fR. For all
other instances, instead of using tiers, customize your instance by specifying
its CPU and memory. You can do so with the \f5\-\-cpu\fR and \f5\-\-memory\fR
flags. Learn more about how CPU and memory affects pricing:
https://cloud.google.com/sql/pricing. WARNING: Instance will be restarted.
.TP 2m
\fB\-\-time\-zone\fR=\fITIME_ZONE\fR
Set a non\-default time zone. Only available for SQL Server instances.
.TP 2m
\fB\-\-upgrade\-sql\-network\-architecture\fR
Upgrade from old network architecture to new network architecture. The new
network architecture offers better isolation, reliability, and faster new
feature adoption.
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-allowed\-psc\-projects\fR=\fIPROJECT\fR,[\fIPROJECT\fR,...]
A comma\-separated list of projects. Each project in this list might be
represented by a project number (numeric) or by a project ID (alphanumeric).
This allows Private Service Connect connections to be established from specified
consumer projects.
.TP 2m
\fB\-\-clear\-allowed\-psc\-projects\fR
This will clear the project allowlist of Private Service Connect, disallowing
all projects from creating new Private Service Connect bindings to the instance.
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-authorized\-gae\-apps\fR=\fIAPP\fR,[\fIAPP\fR,...]
First Generation instances only. List of project IDs for App Engine applications
running in the Standard environment that can access this instance.
The value given for this argument \fBreplaces\fR the existing list.
.TP 2m
\fB\-\-clear\-gae\-apps\fR
Specified to clear the list of App Engine apps that can access this instance.
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-authorized\-networks\fR=\fINETWORK\fR,[\fINETWORK\fR,...]
The list of external networks that are allowed to connect to the instance.
Specified in CIDR notation, also known as 'slash' notation (e.g.
192.168.100.0/24).
The value given for this argument \fBreplaces\fR the existing list.
.TP 2m
\fB\-\-clear\-authorized\-networks\fR
Clear the list of external networks that are allowed to connect to the instance.
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-clear\-connection\-pool\-flags\fR
This will clear the connection pool flags set on the instance.
.TP 2m
\fB\-\-connection\-pool\-flags\fR=\fIFLAG\fR=\fIVALUE\fR,[\fIFLAG\fR=\fIVALUE\fR,...]
Comma\-separated list of connection pool flags to set on the instance connection
pool. Use an equals sign to separate flag name and value. More information on
available flags can be found here:
https://cloud.google.com/sql/docs/mysql/managed\-connection\-pooling#configuration\-options
for MySQL and
https://cloud.google.com/sql/docs/postgres/managed\-connection\-pooling#configuration\-options
for PostgreSQL. (e.g., \f5\-\-connection\-pool\-flags
max_pool_size=1000,max_client_connections=20\fR)
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-clear\-custom\-subject\-alternative\-names\fR
This clears the customer specified DNS names.
.TP 2m
\fB\-\-custom\-subject\-alternative\-names\fR=\fIDNS\fR,[\fIDNS\fR,[\fIDNS\fR]]
A comma\-separated list of DNS names to add to the instance's SSL certificate. A
custom SAN is a structured way to add additional DNS names (host names) that are
not managed by Cloud SQL to an instance. It allows for hostname verification
during establishment of a database connection using the DNS name over SSL/TLS.
When you create and/or update an instance, you can add a comma\-separated list
of up to three DNS names to the server certificate of your instance.
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-clear\-database\-flags\fR
Clear the database flags set on the instance. WARNING: Instance will be
restarted.
.TP 2m
\fB\-\-database\-flags\fR=\fIFLAG\fR=\fIVALUE\fR,[\fIFLAG\fR=\fIVALUE\fR,...]
Comma\-separated list of database flags to set on the instance. Use an equals
sign to separate flag name and value. Flags without values, like
skip_grant_tables, can be written out without a value after, e.g.,
\f5skip_grant_tables=\fR. Use on/off for booleans. View the Instance Resource
API for allowed flags. (e.g., \f5\-\-database\-flags
max_allowed_packet=55555,skip_grant_tables=,log_output=1\fR)
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-clear\-psc\-auto\-connections\fR
This removes all automatically created connections. Cloud SQL uses these
connections to connect to an instance using Private Service Connect.
.TP 2m
\fB\-\-psc\-auto\-connections\fR=[\fInetwork\fR=\fINETWORK\fR],[\fIproject\fR=\fIPROJECT\fR]
A comma\-separated list of networks or network\-project pairs. Each project is
represented by a project number (numeric) or by a project ID (alphanumeric).
This allows Private Service Connect connections to be created automatically for
the specified networks. For example, this connection uses "the form
\f5psc\-auto\-connections\fR=\f5network=projects/testproject1/global/networks/testnetwork1\fR"
or "the form
\f5psc\-auto\-connections\fR=\f5project=testproject1,network=projects/testproject1/global/networks/testnetwork1\fR".
Sets \f5psc_auto_connections\fR value.
.RS 2m
.TP 2m
\fBnetwork\fR
Required, sets \f5network\fR value.
.TP 2m
\fBproject\fR
Sets \f5project\fR value.
.RE
.sp
\fBShorthand Example:\fR
.RS 2m
\-\-psc\-auto\-connections=network=string,project=string
.RE
\fBJSON Example:\fR
.RS 2m
\-\-psc\-auto\-connections='{"network": "string", "project": "string"}'
.RE
\fBFile Example:\fR
.RS 2m
\-\-psc\-auto\-connections=path_to_file.(yaml|json)
.RE
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-clear\-psc\-network\-attachment\-uri\fR
Disable outbound connectivity from a Cloud SQL instance which uses Private
Service Connect (PSC).
.TP 2m
\fB\-\-psc\-network\-attachment\-uri\fR=\fIPSC_NETWORK_ATTACHMENT_URI\fR
Full URI of the network attachment that is configured to support outbound
connectivity from a Cloud SQL instance which uses Private Service Connect (PSC).
For example, this would be of the
form:\f5\-\-psc\-network\-attachment\-uri=projects/test\-project/regions/us\-central1/networkAttachments/my\-na\fR
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-gce\-zone\fR=\fIGCE_ZONE\fR
(DEPRECATED) Preferred Compute Engine zone (e.g. us\-central1\-a,
us\-central1\-b, etc.). WARNING: Instance may be restarted.
Flag \f5\-\-gce\-zone\fR is deprecated and will be removed by release 255.0.0.
Use \f5\-\-zone\fR instead.
.TP 2m
\fB\-\-secondary\-zone\fR=\fISECONDARY_ZONE\fR
Preferred secondary Compute Engine zone (e.g. us\-central1\-a, us\-central1\-b,
etc.).
.TP 2m
\fB\-\-zone\fR=\fIZONE\fR
Preferred Compute Engine zone (e.g. us\-central1\-a, us\-central1\-b, etc.).
WARNING: Instance may be restarted.
.RE
.sp
.TP 2m
Options for configuring read pool auto scale.
.RS 2m
.TP 2m
\fB\-\-[no\-]auto\-scale\-disable\-scale\-in\fR
Disables automatic read pool scale\-in. When disabled, read pool auto scaling
only supports increasing the read pool node count. By default, both automatic
read pool scale\-in and scale\-out are enabled. Use
\fB\-\-auto\-scale\-disable\-scale\-in\fR to enable and
\fB\-\-no\-auto\-scale\-disable\-scale\-in\fR to disable.
.TP 2m
\fB\-\-[no\-]auto\-scale\-enabled\fR
Enables read pool auto scaling. Supports automatically increasing and decreasing
the read pool's node count based on need. Use \fB\-\-auto\-scale\-enabled\fR to
enable and \fB\-\-no\-auto\-scale\-enabled\fR to disable.
.TP 2m
\fB\-\-auto\-scale\-in\-cooldown\-seconds\fR=\fIAUTO_SCALE_IN_COOLDOWN_SECONDS\fR
The cooldown period for automatic read pool scale\-in. Minimum time between
scale\-in events. Must be an integer value. For example, if the value is 60,
then a scale\-in event will not be triggered within 60 seconds of the last
scale\-in event.
.TP 2m
\fB\-\-auto\-scale\-max\-node\-count\fR=\fIAUTO_SCALE_MAX_NODE_COUNT\fR
Maximum number of read pool nodes to be maintained.
.TP 2m
\fB\-\-auto\-scale\-min\-node\-count\fR=\fIAUTO_SCALE_MIN_NODE_COUNT\fR
Minimum number of read pool nodes to be maintained.
.TP 2m
\fB\-\-auto\-scale\-out\-cooldown\-seconds\fR=\fIAUTO_SCALE_OUT_COOLDOWN_SECONDS\fR
The cooldown period for automatic read pool scale\-out. Minimum time between
scale\-out events. Must be an integer value. For example, if the value is 60,
then a scale\-out event will not be triggered within 60 seconds of the last
scale\-out event.
.TP 2m
\fB\-\-auto\-scale\-target\-metrics\fR=[\fIMETRIC\fR=\fIVALUE\fR,...]
Target metrics for read pool auto scaling. Options are: AVERAGE_CPU_UTILIZATION
and AVERAGE_DB_CONNECTIONS. Example:
\-\-auto\-scale\-target\-metrics=AVERAGE_CPU_UTILIZATION=0.8
.RE
.sp
.TP 2m
At most one of these can be specified:
.RS 2m
.TP 2m
\fB\-\-no\-backup\fR
Specified if daily backup should be disabled.
.TP 2m
\fB\-\-backup\-location\fR=\fIBACKUP_LOCATION\fR
Choose where to store your backups. Backups are stored in the closest
multi\-region location to you by default. Only customize if needed. Specify
empty string to revert to default.
.TP 2m
\fB\-\-backup\-start\-time\fR=\fIBACKUP_START_TIME\fR
Start time of daily backups, specified in the HH:MM format, in the UTC timezone.
.TP 2m
\fB\-\-retained\-backups\-count\fR=\fIRETAINED_BACKUPS_COUNT\fR
How many backups to keep. The valid range is between 1 and 365. Default value is
7 for Enterprise edition instances. For Enterprise_Plus, default value is 15.
Applicable only if \-\-no\-backups is not specified.
.TP 2m
\fB\-\-retained\-transaction\-log\-days\fR=\fIRETAINED_TRANSACTION_LOG_DAYS\fR
How many days of transaction logs to keep. The valid range is between 1 and 35.
Only use this option when point\-in\-time recovery is enabled. If logs are
stored on disk, storage size for transaction logs could increase when the number
of days for log retention increases. For Enterprise, default and max retention
values are 7 and 7 respectively. For Enterprise_Plus, default and max retention
values are 14 and 35.
.RE
.RE
.sp
.SH "GCLOUD WIDE FLAGS"
These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.
Run \fB$ gcloud help\fR for details.
.SH "NOTES"
These variants are also available:
.RS 2m
$ gcloud alpha sql instances patch
.RE
.RS 2m
$ gcloud beta sql instances patch
.RE