The Cloud SQL Advanced group-based database authentication, IAM groups authentication, lets customers use Google Cloud’s identity service to manage Cloud SQL instance connectivity, access, and permissions
IAM group authentication adds to Cloud SQL’s IAM database authentication and username/password authentication
Using IAM instead of username and password authentication will protect your data without any inconvenience
The DBA does not need to create and grant user privileges. Cloud SQL automatically adds new users and service accounts to the instance without DBA intervention
Segregated teams or user roles may need distinct Cloud SQL instance access. IAM group authentication lets you divide teams by roles and responsibilities
The database automatically creates the user or service account upon first login. Group database privileges are passed to users and service accounts