docs/docs/databases/postgres/gcp.mdx
import Thumbnail from '@site/src/components/Thumbnail'; import HeadingIcon from '@site/src/components/HeadingIcon';
This guide explains how to connect a new or existing Google Cloud SQL Postgres database to a Hasura instance, either on Hasura Cloud or via one of our self-hosted solutions. If you're exploring Google Cloud SQL Postgres and are interested in migrating an existing Postgres database - such as from Heroku - check out their docs before continuing below.
:::info Note
If you plan on using Hasura Cloud, which we recommend, follow steps 1 and 2 below. If you're self-hosting a Hasura instance and already have a project running, skip to step 3.
:::
Navigate to Hasura Cloud and sign up or log in.
On the Hasura Cloud dashboard, create a new project:
<Thumbnail src="/img/cloud-dbs/create-hasura-cloud-project.png" alt="Create Hasura Cloud project" width="1000px" />After the project is initialized successfully, click on Launch Console to open the Hasura Console in your browser.
On the Hasura Console, navigate to the Data tab and choose Connect Existing Database. Hasura will prompt you for a
Postgres Database URL. We'll create this in the next step and then come back here.
:::info Note
If you have an existing Postgres database on GCP, you can skip this step and move on to step 4.
:::
Log into the GCP console.
On the left-side navigation, scroll down to Storage and click on SQL:
On the top, click on Create instance:
Select Postgres:
<Thumbnail src="/img/cloud-dbs/gcp/select-postgres.png" alt="Select Postgres database instance in GCP" width="1000px" />Select an instance ID, as well as a default user password. If required, choose a specific region and zone.
<Thumbnail src="/img/cloud-dbs/gcp/configure-instance.png" alt="Configure database instance in GCP" width="500px" />Then click Create.
On the dashboard of your GCP database instance, on the left sidebar, click on Connections. Then scroll down to the
checkbox Public IP, and click + Add network:
You can choose an optional name (e.g. "Hasura").
If using Hasura Cloud, from your project's dashboard, copy the Hasura Cloud IP address:
<Thumbnail src="/img/projects/hasura-cloud-ip.png" alt="Hasura Cloud IP field" width="1000px" />:::info Note
If you're using a self-hosted solution, you'll need to determine the IP address manually depending on your hosting service.
:::
Enter the Hasura IP address that you copied:
<Thumbnail src="/img/cloud-dbs/gcp/add-network.png" alt="Add a new network in GCP" width="600px" />Then click Save.
:::info Note
If you're using a database user other than the default one, make sure to give it the right Postgres permissions.
:::
The structure of the database connection URL looks as follows:
postgresql://<user-name>:<password>@<public-ip>:<postgres-port>/
user-name: If you have a separate database user, the user name will be their name. If you didn't specify a user, the
default user name is postgres.password: If you have a separate database user, use their password. Otherwise, use the password that you chose when
creating the database.public-ip: The public IP can be obtained by clicking on Overview on the left-side navigation and then scrolling
down to Connect to this instance:postgres-port: The default port for Postgres is 5432 if not specified otherwise.db: The DB is postgres by default unless otherwise specified.Back on the Hasura Console, enter the database URL that we retrieved in step 5:
<Thumbnail src="/img/cloud-dbs/gcp/GCP-complete.png" alt="Database setup" width="600px" />Then click Connect Database.
:::info Note
For security reasons, it is recommended to set database URLs as env vars and using the env vars to connect to the databases in place of the raw database URLs.
:::
Voilà. You are ready to start developing.
<Thumbnail src="/img/cloud-dbs/hasura-console.png" alt="Hasura Console" width="1100px" />Google Cloud (GCP) SQL makes the following SSL/TLS certificates available for download:
server-ca.pemclient-cert.pemclient-key.pem:::info Note Please refer to the Google Cloud Documentation for detailed information about the different certs.
:::
Download these certs to your local drive.
If using Hasura Cloud, go to your project and add the following env vars:
(Open the cert files using your favorite text editor, select all the contents and copy them to the clipboard)
| Env Var Name | Value |
|---|---|
SSL_ROOTCERT_GCP | Contents from server-ca.pem |
SSL_CERT_GCP | Contents from client-cert.pem |
SSL_KEY_GCP | Contents from client-key.pem |
Here is how your Hasura Cloud env vars setup should look like:
<Thumbnail src="/img/cloud-dbs/gcp/cloud-gcp-env-vars.png" alt="Hasura Cloud Env Vars" width="1000px" />:::info Note
If you're using a self-hosted solution, you can set these env vars in your docker-compose.yml file.
:::
Open the Console of your Hasura Project, go to the Data -> Manage -> [db-name] -> Edit page.
Under Connection Settings add the following SSL certificate settings:
| Field Name | Value |
|---|---|
SSL Mode | verify-ca (select from dropdown) |
SSL Root Certificate | SSL_ROOTCERT_GCP |
SSL Certificate | SSL_CERT_GCP |
SSL Key | SSL_KEY_GCP |
Here is how the setup should look like:
<Thumbnail src="/img/cloud-dbs/gcp/ssl-config-setup.png" alt="Hasura Console SSL Config Setup" width="1000px" />Finally, click on the Update Connection button to apply the SSL settings.
You can check out our 30-Minute Hasura Basics Course and other GraphQL & Hasura Courses for a more detailed introduction to Hasura.
If using Hasura Cloud, you can also click the gear icon to manage your Hasura Cloud project. (e.g. add collaborators, env vars or custom domains).
:::info Note
For more information on which Postgres features we support, check out this page.
:::