docs: improve Cloud SQL IAM authentication documentation for enhanced security #837

Merged
merged 1 commit into from
Aug 20, 2025

Conversation

d-bytebase
Contributor

Summary

  • Rewrite Cloud SQL IAM authentication section to use the most secure approach with GCE VM service accounts
  • Eliminate service account key management for improved security
  • Add comprehensive Google Cloud documentation references

Changes

  • Security Enhancement: Replace key-file based authentication with GCE VM service account approach
  • Documentation: Add official Google Cloud documentation links for IAM authentication, configuration, and troubleshooting
  • Simplification: Streamline SQL user creation examples for both MySQL and PostgreSQL
  • Cleanup: Remove 8 unused screenshot images from the gcp-iam directory
  • Consistency: Align formatting with AWS RDS IAM authentication section

Benefits

  • No key management: Service account keys are never created or stored
  • Automatic credential rotation: GCE handles credential refresh automatically through metadata service
  • Enhanced security: Eliminates risks associated with key file distribution and storage
  • Simplified operations: No need to manage GOOGLE_APPLICATION_CREDENTIALS environment variable

Test Plan

  • Review documentation for technical accuracy
  • Verify all Google Cloud documentation links are valid
  • Ensure SQL syntax is correct for both MySQL and PostgreSQL
  • Confirm removed images are no longer referenced

🤖 Generated with Claude Code
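
An added example, not part of this PR or the Bytebase docs: a host audit that walks the Application Default Credentials lookup order (environment variable, then the gcloud well-known file, then the metadata server) to confirm nothing on disk overrides the VM's attached service account. The function names, verdict labels and sample key content are this example's own assumptions.

```python
import json
from pathlib import Path

ENV_VAR = "GOOGLE_APPLICATION_CREDENTIALS"
# Where `gcloud auth application-default login` stores user credentials on Linux.
WELL_KNOWN = Path(".config/gcloud/application_default_credentials.json")

def inspect_file(path):
    """Classify one credential file by its JSON content."""
    try:
        doc = json.loads(Path(path).read_text())
    except (OSError, ValueError):      # missing, unreadable, or not JSON
        return "unreadable"
    if not isinstance(doc, dict):
        return "unreadable"
    if doc.get("type") == "service_account" and "private_key" in doc:
        return "key-file"              # exported long-lived service account key
    return "other-file"                # e.g. authorized_user, external_account

def audit_host(env, home):
    """Walk the ADC lookup order and report what a client would pick up.

    Returns (verdict, source). 'attached-sa' means nothing on disk overrides
    the VM's service account, so tokens come from the metadata server.
    """
    explicit = env.get(ENV_VAR)
    if explicit:
        return inspect_file(explicit), explicit
    well_known = Path(home) / WELL_KNOWN
    if well_known.exists():
        return inspect_file(well_known), str(well_known)
    return "attached-sa", "metadata server"

def find_stray_keys(root):
    """List JSON files under root that hold an exported service account key."""
    return sorted(str(p) for p in Path(root).rglob("*.json")
                  if inspect_file(p) == "key-file")

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as home:    # constructed sample host
        key = Path(home) / "sa.json"
        key.write_text(json.dumps({"type": "service_account",
                                   "private_key": "CONSTRUCTED-PLACEHOLDER"}))
        print(audit_host({ENV_VAR: str(key)}, home))   # key file still in use
        print(audit_host({}, home))                    # falls through to the VM identity
        print(find_stray_keys(home))                   # leftover key to delete
```

A `key-file` verdict or a non-empty `find_stray_keys` result on a migrated VM means an exported key is still present and should be deleted and disabled in IAM.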

… security

- Rewrite Cloud SQL IAM auth section to use GCE VM service accounts instead of key files
- Remove dependency on GOOGLE_APPLICATION_CREDENTIALS and JSON key management
- Add comprehensive Google Cloud documentation references
- Simplify SQL user creation examples for MySQL and PostgreSQL
- Remove 8 unnecessary screenshot images from gcp-iam directory
- Align formatting with AWS RDS IAM authentication section

This approach improves security by eliminating service account key management
and leveraging GCE metadata service for automatic credential handling.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@Copilot Copilot AI review requested due to automatic review settings August 20, 2025 07:39
vercel bot commented Aug 20, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
bytebase-com Ready Ready Preview Comment Aug 20, 2025 7:41am

📝 Broken Links Check Report

Note: Entries under /api-reference/ are likely false positives and can be ignored.

The following is the output from the broken links check:

found 16 broken links in 9 files

integrations/api/audit-log.mdx
 ⎿  /api-reference/auditlogservice/post-v1auditlogs:search

integrations/api/authentication.mdx
 ⎿  /api-reference/authservice/post-v1authlogin

integrations/api/data-classification.mdx
 ⎿  /api-reference/settingservice/patch-v1settings
 ⎿  /api-reference/databaseservice/patch-v1instances-databases

integrations/api/issue.mdx
 ⎿  /api-reference/issueservice/post-v1projects-issues

integrations/api/permission.mdx
 ⎿  /api-reference/workspaceservice/get-v1workspaces-:getIamPolicy
 ⎿  /api-reference/projectservice/get-v1projects-:getIamPolicy
 ⎿  /api-reference/roleservice/get-v1roles
 ⎿  /api-reference/userservice/get-v1users
 ⎿  /api-reference/groupservice/get-v1groups

integrations/api/plan.mdx
 ⎿  /api-reference/planservice/post-v1projects-plans
 ⎿  /api-reference/sheetservice/post-v1projects-sheets

integrations/api/release.mdx
 ⎿  /api-reference/releaseservice/post-v1projects-releases

integrations/api/rollout.mdx
 ⎿  /api-reference/rolloutservice/post-v1projects-rollouts

integrations/api/sql-review.mdx
 ⎿  /api-reference/releaseservice/post-v1projects-releases:check
 ⎿  /api-reference/sqlservice/post-v1sqlcheck

Contributor

@Copilot Copilot AI left a comment

Pull Request Overview

This PR enhances the Cloud SQL IAM authentication documentation by replacing the less secure service account key-based approach with the more secure GCE VM service account method, eliminating key management risks and improving overall security posture.

  • Replaces service account key authentication with GCE VM service account approach
  • Adds comprehensive Google Cloud documentation references for better guidance
  • Streamlines SQL user creation examples for both MySQL and PostgreSQL

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Member

@h3n4l h3n4l left a comment

LGTM

@h3n4l h3n4l merged commit 39e79fc into main Aug 20, 2025
5 checks passed
@h3n4l h3n4l deleted the improve-cloudsql-iam-docs branch August 20, 2025 07:45

2 participants