|
5 | 5 |
|
6 | 6 | **Warning**: This project is currently in _beta_. Please [open an issue](https://github.com/GoogleCloudPlatform/cloud-sql-python-connector/issues/new/choose) if you would like to report a bug or documentation issue, request a feature, or have a question. |
7 | 7 |
|
8 | | -The Cloud SQL Python Connector is a library that can be used alongside a database driver to allow users with sufficient permissions to connect to a Cloud SQL |
9 | | -database without having to manually allowlist IPs or manage SSL certificates. |
10 | | - |
11 | | -Currently supported drivers are |
| 8 | +The _Cloud SQL Python Connector_ is a Cloud SQL connector designed for use with the |
| 9 | +Python language. Using a Cloud SQL connector provides the following benefits: |
| 10 | +* **IAM Authorization:** uses IAM permissions to control who/what can connect to |
| 11 | + your Cloud SQL instances |
| 12 | +* **Improved Security:** uses robust, updated TLS 1.3 encryption and |
| 13 | + identity verification between the client connector and the server-side proxy, |
| 14 | + independent of the database protocol. |
| 15 | +* **Convenience:** removes the requirement to use and distribute SSL |
| 16 | + certificates, as well as manage firewalls or source/destination IP addresses. |
| 17 | +* (optionally) **IAM DB Authenticiation:** provides support for |
| 18 | + [Cloud SQL’s automatic IAM DB AuthN][iam-db-authn] feature. |
| 19 | + |
| 20 | +[iam-db-authn]: https://cloud.google.com/sql/docs/postgres/authentication |
| 21 | + |
| 22 | +The Cloud SQL Python Connector is a package to be used alongside a database driver. |
| 23 | +Currently supported drivers are: |
12 | 24 | - [`pymysql`](https://github.com/PyMySQL/PyMySQL) (MySQL) |
13 | 25 | - [`pg8000`](https://github.com/tlocke/pg8000) (PostgreSQL) |
14 | 26 | - [`pytds`](https://github.com/denisenkom/pytds) (SQL Server) |
15 | 27 |
|
16 | | -# Supported Python Versions |
17 | | -Currently Python versions >= 3.7 are supported. |
18 | | - |
19 | | -### Authentication |
| 28 | +## Supported Python Versions |
20 | 29 |
|
21 | | -This library uses the [Application Default Credentials](https://cloud.google.com/docs/authentication/production) to authenticate the |
22 | | -connection to the Cloud SQL server. For more details, see the previously |
23 | | -mentioned link. |
24 | | - |
25 | | -To activate credentials locally ensure the Google Cloud SDK is installed on your machine. For manual installation see [Installing Cloud SDK](https://cloud.google.com/sdk/docs/install). Once installed, use the following `gcloud` command: |
26 | | - |
27 | | -``` |
28 | | -gcloud auth application-default login |
29 | | -``` |
| 30 | +Currently Python versions >= 3.7 are supported. |
30 | 31 |
|
31 | | -### How to install this connector |
| 32 | +## Installation |
32 | 33 |
|
33 | | -#### Install latest release from PyPI |
34 | | -Upgrade to the latest version of `pip`, then run the following command, replacing `driver` with one of the driver names listed above. |
| 34 | +You can install this library with `pip install`, replacing `driver` with one of the database driver names listed above: |
35 | 35 | ``` |
36 | 36 | pip install cloud-sql-python-connector[driver] |
37 | 37 | ``` |
38 | 38 | For example, to use the Python connector with `pymysql`, run `pip install cloud-sql-python-connector[pymysql]` |
39 | 39 |
|
40 | | -#### Install dev version |
41 | | -Clone this repo, `cd` into the `cloud-sql-python-connector` directory then run the following command to install the package: |
42 | | -``` |
43 | | -pip install . |
44 | | -``` |
45 | | -Conversely, install straight from Github using `pip`: |
| 40 | +## Usage |
| 41 | + |
| 42 | +This package provides several functions for authorizing and encrypting |
| 43 | +connections. These functions are used with your database driver to connect to |
| 44 | +your Cloud SQL instance. |
| 45 | + |
| 46 | +The instance connection name for your Cloud SQL instance is always in the |
| 47 | +format "project:region:instance". |
| 48 | + |
| 49 | +### APIs and Services |
| 50 | + |
| 51 | +This package requires the following to successfully make Cloud SQL Connections: |
| 52 | + |
| 53 | +- IAM principal (user, service account, etc.) with the |
| 54 | +[Cloud SQL Client][client-role] role. This IAM principal will be used for |
| 55 | +[credentials](#credentials). |
| 56 | +- The [Cloud SQL Admin API][admin-api] to be enabled within your Google Cloud |
| 57 | +Project. By default, the API will be called in the project associated with |
| 58 | +the IAM principal. |
| 59 | + |
| 60 | +[admin-api]: https://console.cloud.google.com/apis/api/sqladmin.googleapis.com |
| 61 | +[client-role]: https://cloud.google.com/sql/docs/mysql/roles-and-permissions |
| 62 | + |
| 63 | +### Credentials |
| 64 | + |
| 65 | +This library uses the [Application Default Credentials (ADC)][adc] strategy for |
| 66 | +resolving credentials. Please see the [google.auth][google-auth] package |
| 67 | +documentation for more information on how these credentials are sourced. |
| 68 | + |
| 69 | +To activate credentials locally the recommended approach is to ensure the Google |
| 70 | +Cloud SDK is installed on your machine. For manual installation see |
| 71 | +[Installing Cloud SDK][cloud-sdk]. |
| 72 | + |
| 73 | +Once installed, use the following `gcloud` command: |
46 | 74 | ``` |
47 | | -pip install git+https://github.com/GoogleCloudPlatform/cloud-sql-python-connector |
| 75 | +gcloud auth application-default login |
48 | 76 | ``` |
49 | 77 |
|
| 78 | +To explicitly set a specific source for the credentials to use, see |
| 79 | +[Configuring the Connector](#configuring-the-connector) below. |
| 80 | + |
| 81 | +[adc]: https://cloud.google.com/docs/authentication |
| 82 | +[google-auth]: https://google-auth.readthedocs.io/en/master/reference/google.auth.html |
| 83 | +[cloud-sdk]: https://cloud.google.com/sdk/docs/install |
| 84 | + |
50 | 85 | ### How to use this Connector |
51 | 86 |
|
52 | 87 | To connect to Cloud SQL using the connector, inititalize a `Connector` |
|
0 commit comments