Skip to content

trufflesecurity/cloudsql-exporter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

63 Commits

.github

.github

 
 

pkg

pkg

 
 

.gitignore

.gitignore

 
 

.goreleaser.yml

.goreleaser.yml

 
 

Dockerfile

Dockerfile

 
 

Dockerfile.goreleaser

Dockerfile.goreleaser

 
 

README.md

README.md

 
 

demo.svg

demo.svg

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

Repository files navigation

cloudsql-exporter

cloudsql-exporter automatically exports CloudSQL databases in a given project to a GCS bucket. It supports automatic enumeration of CloudSQL instances and their databases, and can even ensure the correct IAM role bindings are in place for a successful export.

Demo

Why

CloudSQL includes automatic backup functionality, so why might you want to use this?

CloudSQL backups are tied to the CloudSQL instance. So, if the instance itself gets deleted, so do the backups. Similarly if the GCP project were deleted, the instance and the backups would too. Exporting your database to a separate Google Cloud Storage bucket, preferrably in another GCP project within another account can provide extra assurance of data retention in these scenarios. Additionally you can have much better control over data retention. It's a good supplement to the built-in backup functionality.

Usage

$ cloudsql-exporter --help
usage: cloudsql-backup --bucket=BUCKET --project=PROJECT [<flags>]

Export Cloud SQL databases to Google Cloud Storage

Flags:
  --help                 Show context-sensitive help (also try --help-long and
                         --help-man).
  --bucket=BUCKET        Google Cloud Storage bucket name
  --project=PROJECT      GCP project ID
  --instance=INSTANCE    Cloud SQL instance name, if not specified all within
                         the project will be enumerated
  --ensure-iam-bindings  Ensure that the Cloud SQL service account has the
                         required IAM role binding to export and validate the
                         backup

Installation

1. Compile with Go

go install github.com/trufflesecurity/cloudsql-exporter

2. Release binaries

3. Docker

Note: Apple M1 hardware users should run with docker run --platform linux/arm64 for better performance.

Most users

docker run -v "$HOME/.config/gcloud/application_default_credentials.json:/gcloud.json" -e GOOGLE_APPLICATION_CREDENTIALS=/gcloud.json trufflesecurity/cloudsql-exporter:latest --bucket my-cloudsql-backups --project my-project  --ensure-iam-bindings

Apple M1 users

The linux/arm64 image is better to run on the M1 than the amd64 image. Even better is running the native darwin binary avilable, but there is not container image for that.

docker run --platform linux/arm64 -v "$HOME/.config/gcloud/application_default_credentials.json:/gcloud.json" -e GOOGLE_APPLICATION_CREDENTIALS=/gcloud.json trufflesecurity/cloudsql-exporter:latest --bucket my-cloudsql-backups --project my-project  --ensure-iam-bindings

4. Brew

brew tap trufflesecurity/cloudsql-exporter
brew install cloudsql-exporter

Todo (help wanted!)

About

Automatically export CloudSQL databases to Google Cloud Storage

Resources

Readme

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

3 stars

Watchers

9 watching

Forks

6 forks
Report repository

Releases 4

v0.1.0 Latest
Mar 26, 2024
+ 3 releases

Packages 1

 

Contributors 3

  •  
  •  
  •  

Languages