Create a read-only session in Cloud SQL for PostgreSQL
You can use the cloudsql_session_read_only session parameter to make a
session read-only.
You can use this parameter to prevent data modification, either temporarily or
irrevocably in a session. You can use read-only sessions to help protect data
integrity in various contexts, including MCP sessions, reporting-tool sessions,
and auditing sessions.
Use the cloudsql_session_read_only session parameter
By default, cloudsql_session_read_only is set to 'off', which
lets you modify data during a Cloud SQL for PostgreSQL session.
During a session, you can use the SET statement to change read-only
status, as follows:
SET cloudsql_session_read_only = 'on': This statement makes the session read-only, preventing anyone from modifying data for as long as the flag remains set to'on'. You can change it back to'off'to resume modifying data later in the session.SET cloudsql_session_read_only = 'off': Setting the flag back to'off'restores the session to being read-write.SET cloudsql_session_read_only = 'locked': Setting the flag to'locked'makes the session permanently read-only. After the flag is set to'locked', you can't set it to any other value during the session.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-06-18 UTC.