connect local environment to CloudSQL with private IP

Question

I have hosted my application in a CloudRun Container and connected it to CloudSQL. Everything is in a VPC Network and is running smoothly. Now I would like to modify data in production from a Database tool like DataGrid. Therefore I need to connect my local environment to my VPC-Network. I did this through a Cloud VPN Tunnel. Now I would like to connect to the SQL instance.

Here I got stuck and I'm wondering how I can establish the connection. It would be great if someone would know how I can solve this issue. Thanks!

Answer 1

My preferred solution is to use the public IP BUT without whitelisting any network. In fact, it's like if y ou have a public IP and all the connexion are forbidden.

The solution here is to use Cloud SQL proxy and to open a tunnel from your computer to the Cloud SQL database (that you reach on the public IP, but the tunnel is secured); It's exactly like a VPN connexion: a secure tunnel.

You can do this

• Download Cloud SQL prowy
• Launch it

./cloud_sql_proxy -instances=<INSTANCE_CONNECTION_NAME>=tcp:3306

• Connect your SQL client on localhost:3306

If the port 3306 is already in use, feel free to use another one

---

If you prefer the private IP only (sometime, it's security team requirement), I wrote an article on this.

If you use a VPN (and you are connected to Cloud VPN) take care to open the correct route and firewalls in both way (in and out)