%20(1)%20(1)%20(1).png?alt=media)
2. Run the following command to grant superuser privileges to the Apono connector user.
{% code overflow="wrap" %}
```sh
gcloud alloydb users set-superuser CONNECTOR_USERNAME_IAM_SA_EMAIL@[PROJECT_ID].iam \
--superuser=true \
--cluster=CLUSTER_ID \
--region=REGION_ID
```
{% endcode %}
{% endtab %}
{% endtabs %}
2. (Built-in Authentication only) [Create a secret](https://docs.apono.io/docs/connectors-and-secrets/apono-integration-secret) with the credentials from step **1**.
{% hint style="success" %}
When using IAM authentication, the service account and its permissions are managed through Google Cloud IAM roles and policies.
**A secret does not need to be created.**
{% endhint %}
***
### Integrate AlloyDB
{% hint style="success" %}
You can also use the steps below to integrate with Apono using Terraform.
In step **11**, instead of clicking **Confirm**, follow the **Are you integrating with Apono using Terraform?** guidance.
{% endhint %}
Follow these steps to complete the integration:
1. On the [**Catalog**](https://app.apono.io/catalog?search=alloydb) tab, click **AlloyDB**. The **Connect Integration** page appears.
2. Under **Discovery**, select one or multiple resource types for Apono to discover in the instance.
3. Click **Next**. The Apono connector section expands.
4. From the dropdown menu, select a connector. Choosing a connector links Apono to all the services available on the account where the connector is located.
{% hint style="success" %}
If the desired connector is not listed, click **+ Add new connector** and follow the instructions for creating a [connector for GCP](https://docs.apono.io/docs/gcp-environment/apono-connector-for-gcp).
{% endhint %}
5. Click **Next**. The **Integration Config** page appears.
6. Define the **Integration Config** settings.
| Setting | Description |
|---|---|
| Integration Name | Unique, alphanumeric, user-friendly name used to identify this integration when constructing an access flow |
| Auth Type | Authorization type for the AlloyDB user:
|
| Project ID | ID of the project associated with the AlloyDB instance |
| Location | Location of the AlloyDB instance |
| Primary Instance ID | ID for the primary instance within the AlloyDB cluster |
| Cluster ID | ID for the AlloyDB cluster |
| Port | Port value for the database By default, Apono sets this value to 5432. |
| Instance ID User Override (optional) | Overrides the instance ID for the user |
| Database Name | Name of the database to integrate By default, Apono sets this value to postgre. |
| SSL Mode | (Optional) Mode of Secure Sockets Layer (SSL) encryption used to secure the connection with the SQL database server Be sure to choose the SSL mode based on your AlloyDB primary instance SSL mode configuration:
|
| Setting | Description |
|---|---|
| Credential Rotation | (Optional) Number of days after which the database credentials must be rotated Learn more about the Credentials Rotation Policy. |
| User cleanup after access is revoked (in days) | (Optional) Defines the number of days after access has been revoked that the user should be deleted
|
| Custom Access Details | (Optional) Instructions explaining how to access this integration's resources Upon accessing an integration, a message with these instructions will be displayed to end users in the User Portal. The message may include up to 400 characters. To view the message as it appears to end users, click Preview. |
| Integration Owner | (Optional) Fallback approver if no resource owner is found
|
| Resource Owner | (Optional) Group or role responsible for managing access approvals or rejections for the resource
|