This will create a feature request which anybody can view and comment on.
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish:
Customer would like to completely restrict access to Cloud SQL in bith primary and read replicas at any given point without needing to wait for replication lag to go through. Currently this is not possible as both primary and read replicas have exactly same access permission.
How this might work:
Cloud SQL API can provide a way to configure the access control based on database user names and IAM user accounts.
If applicable, reasons why alternative solutions are not sufficient:
There is not alternative solution available in GCP today.
Other information (workarounds you have tried, documentation consulted, etc):
Postgres can provide a way to configure this kind of granular access control through pg_hba.conf file. It might be possible to expose a limited configuration parameter through cloud sql API/console.
Description
This will create a feature request which anybody can view and comment on.
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish:
Customer would like to completely restrict access to Cloud SQL in bith primary and read replicas at any given point without needing to wait for replication lag to go through. Currently this is not possible as both primary and read replicas have exactly same access permission.
How this might work:
Cloud SQL API can provide a way to configure the access control based on database user names and IAM user accounts.
If applicable, reasons why alternative solutions are not sufficient:
There is not alternative solution available in GCP today.
Other information (workarounds you have tried, documentation consulted, etc):
Postgres can provide a way to configure this kind of granular access control through pg_hba.conf file. It might be possible to expose a limited configuration parameter through cloud sql API/console.