Cloud SQL Admin API

https://stackoverflow.com//questions/23021026

google-cloud-sql

21-12-2019
|

Question

I've been working with sqladmin-appengine-sample and the v1beta3 json API. The Java code is running on App Engine. oauth2.

I can get it to work where when the currently logged in user is the app owner, but what I think I need is something like AppIdentityCredential so that the app can access any of the SQL instances it has access to regardless of the currently logged in user.

How do I do this?

Do I need to use a service account?

Solution

The short answer is that I could not get AppIdentityCredential to work, but setting up a Service Account credential did work. Here is the code:

    Set<String> oAuthScopes = new HashSet<String>();
    oAuthScopes.add(SQLAdminScopes.CLOUD_PLATFORM);
    oAuthScopes.add(SQLAdminScopes.SQLSERVICE_ADMIN);

    // service account credential
    GoogleCredential credential;
    try {

        File p12File = new File(servletContext.getResource(PK12_FILE_NAME).toURI());

        credential = new GoogleCredential.Builder()
                .setTransport(Utils.HTTP_TRANSPORT)
                .setJsonFactory(Utils.JSON_FACTORY)
                .setServiceAccountId(SERVICE_ACCOUNT_ID)
                .setServiceAccountScopes(oAuthScopes)
                .setServiceAccountPrivateKeyFromP12File(p12File)
                .build();

    } catch (Exception e) {
        throw new SecurityException(e);
    }

    // build the SQLAdmin object using the credentials
    this.sqlAdmin = new SQLAdmin.Builder(Utils.HTTP_TRANSPORT, Utils.JSON_FACTORY, credential)
                                .setApplicationName(APPLICATION_NAME)
                                .build();


    String timestamp = new Date().toString().replace(" ", "_").replace(":", "_");

    ExportContext exportContent = new ExportContext();
    exportContent.setDatabase(Arrays.asList(database_name));
    exportContent.setKind("sql#exportContext");
    exportContent.setUri("gs://"+GCS_BUCKET_NAME+"/"+database_name+"_"+timestamp+".mysql"); 

    InstancesExportRequest exportRequest = new InstancesExportRequest();
    exportRequest.setExportContext(exportContent);

    // execute the exportRequest
    this.sqlAdmin.instances().export(APPLICATION_NAME, instance_name, exportRequest).execute();

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow