{"id":165828,"date":"2026-04-12T20:36:17","date_gmt":"2026-04-12T17:36:17","guid":{"rendered":"https:\/\/computingforgeeks.com\/gcp-cloud-sql-postgresql-terraform\/"},"modified":"2026-04-12T20:36:17","modified_gmt":"2026-04-12T17:36:17","slug":"gcp-cloud-sql-postgresql-terraform","status":"publish","type":"post","link":"https:\/\/computingforgeeks.com\/gcp-cloud-sql-postgresql-terraform\/","title":{"rendered":"Deploy Cloud SQL PostgreSQL with Terraform (2026 Guide)"},"content":{"rendered":"\n

Managing PostgreSQL on a VM gives you full control, but it also gives you full responsibility: patching, backups, failover, connection pooling, and the 3 AM pager when replication breaks. Cloud SQL takes those off your plate. You get a managed PostgreSQL instance with automated backups, point-in-time recovery, and optional high availability, all provisioned through Terraform so the configuration lives in version control where it belongs.<\/p>\n\n\n\n

This guide covers creating a Cloud SQL PostgreSQL 17 instance using both gcloud<\/code> and Terraform, configuring private IP networking via VPC peering, enabling IAM database authentication, setting up read replicas, and connecting from GKE using the Cloud SQL Auth Proxy. For securing database credentials in GCP, see the Secret Manager tutorial<\/a>. If your workloads run on GKE, the Workload Identity guide<\/a> explains how the Auth Proxy authenticates without exporting service account keys.<\/p>\n\n\n\n

Verified working: April 2026<\/strong>. Cloud SQL PostgreSQL 17, Enterprise edition, Terraform google provider 6.x<\/em><\/p>\n\n\n\n

Cloud SQL vs Self-Managed PostgreSQL<\/h2>\n\n\n\n

The trade-off is cost versus operational burden. Cloud SQL costs more per vCPU-hour than a Compute Engine VM running PostgreSQL, but you do not spend engineering time on patching, backup validation, or failover testing.<\/p>\n\n\n\n

Feature<\/th>Cloud SQL (Enterprise)<\/th>Self-Managed on GCE<\/th><\/tr><\/thead>
Patching<\/td>Automated (maintenance window)<\/td>Manual, your responsibility<\/td><\/tr>
Backups<\/td>Automated daily + PITR, 7-day default retention<\/td>pg_dump \/ pgBackRest, self-managed<\/td><\/tr>
High Availability<\/td>One checkbox (regional HA with automatic failover)<\/td>Patroni\/repmgr + load balancer, significant setup<\/td><\/tr>
Read Replicas<\/td>API call or Terraform resource<\/td>Manual streaming replication config<\/td><\/tr>
Connection Pooling<\/td>Built-in (pgBouncer via AlloyDB Omni, or Auth Proxy)<\/td>PgBouncer\/Pgpool, self-managed<\/td><\/tr>
IAM Auth<\/td>Native (no passwords in connection strings)<\/td>Not applicable<\/td><\/tr>
Scale to Zero<\/td>Not supported (minimum 1 vCPU always running)<\/td>Not applicable<\/td><\/tr>
Max Storage<\/td>64 TB<\/td>Limited by disk size<\/td><\/tr>
PostgreSQL Versions<\/td>14, 15, 16, 17<\/td>Any version you compile<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Pricing<\/h2>\n\n\n\n

Cloud SQL Enterprise edition charges per vCPU-hour and per GiB-hour of memory. There is no free tier for production instances (the free trial gives $300 in credits). Here are the real numbers for us-central1<\/code> as of April 2026:<\/p>\n\n\n\n

Resource<\/th>Rate<\/th>Minimal Instance (2 vCPU, 8 GiB)<\/th><\/tr><\/thead>
vCPU<\/td>$0.0413\/hr<\/td>$60.30\/month<\/td><\/tr>
Memory<\/td>$0.007\/GiB-hr<\/td>$40.88\/month<\/td><\/tr>
SSD Storage<\/td>$0.170\/GiB-month<\/td>$1.70\/month (10 GiB)<\/td><\/tr>
Total (single zone)<\/strong><\/td><\/td>~$103\/month<\/strong><\/td><\/tr>
Total (HA, 2 zones)<\/strong><\/td><\/td>~$206\/month<\/strong><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

HA doubles the compute cost because GCP runs a standby instance in another zone. Storage is shared, so it does not double. For a full breakdown of how GCP services accumulate cost, the GCP costs guide<\/a> covers all the common gotchas.<\/p>\n\n\n\n

Prerequisites<\/h2>\n\n\n\n