BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Google Cloud Spanner Introduces Free Trial Instances and Fine-Grained Access Control

Google Cloud Spanner Introduces Free Trial Instances and Fine-Grained Access Control

Google Cloud recently announced different improvements to their managed databases. The cloud provider introduced free trial instances and fine-grained access control for Spanner to let developers try the managed service and configure access to data at the table and column level.

Providing strong consistency and availability up to five nines, Spanner is a globally distributed database service that provides horizontal scaling and RDBMS features without sharding or clustering. Supporting GoogleSQL or PostgreSQL-dialect databases, the new Spanner free trial provides a Spanner instance with 10GB storage for 90 days. Sailesh Krishnamurthy, VP of engineering for databases at Google, writes:

To make it easier for developers to evaluate Spanner, the free trial instance comes with built-in guided tutorials in the Google Cloud console. These tutorials provide step-by-step guidance to create a database, load predefined schema and data, and run sample queries and transactions so that users can quickly get started with Spanner and learn key concepts.

In a Reddit thread, some users underline the lack of a pay-per-use pricing and usage model that is already available on other distributed cloud services. Gabe Weiss, developer advocacy manager at Google, tweets:

Short history/finance lesson! See below the minimum cost a customer had to pay to try our Cloud Spanner:
Till 2019: ~$1800/month
2019/09: ~$600/month
2022/07: ~60/month
2022/09: $0/month

Authorizing access at the table and column level, the preview of fine-grained access control increases protection of transactional data and ensures appropriate controls are in place when granting access. As Spanner relies on IAM for identity and access management, developers need to assign database roles to the appropriate IAM principals by managing conditional role bindings.

Mark Donsky, product manager at Google, explains the need for more robust access controls for ledger applications:

Ledgers, which are useful for inventory management, cryptocurrency, and banking applications, let you look at inventory levels and apply updates such as credits or debits to existing balances. In a ledger application, you can look at balances, add inventory, and remove inventory. You can’t go back and adjust last week’s inventory level to 500 widgets. This corresponds to having SELECT privileges (to look at balances) and INSERT privileges (to add or remove inventory), but not UPDATE or DELETE privileges.

According to Donsky, analytics and service accounts are other common scenarios where users require their own set of privileges on specific tables and will benefit from the new access control capabilities.

In the last few months Google announced other improvements for Spanner, including committed use discounts, and a new PostgreSQL interface, covered previously on InfoQ.

Both existing and new Google Cloud customers are eligible for the new Spanner free trial. The preview release of fine-grained access control doesn't support the PostgreSQL interface.

About the Author

Rate this Article

Adoption
Style

BT