krisdigitx

Reputation: 7126

Google Private Service Connect for Cloud Composer / Cloud SQL

We are using Google Cloud Composer in one of the projects with its own VPC, and the Cloud SQL database is in another project which is using a Shared VPC from another project.

Is it possible for Cloud Composer to connect privately to Google Cloud SQL, and how?


Update:

I have now set up VPC peering between the Cloud Composer VPC and the Shared VPC. I spun up a test VM on the Cloud Composer VPC; however, the Cloud SQL Auth Proxy cannot reach the Cloud SQL DB.

    kshk@test-instance-1:~$ ./cloud_sql_proxy -instances=mgcp-xxxx-xxxx-pay-svc-sbx:europe-west2:xxxx-sbx-postgres=tcp:3307 -credential_file=access-1.json -ip_address_types=PRIVATE &

    kshk@test-instance-1:~$ psql -h 127.0.0.1 -p 3307 -U testuser postgres
    2022/11/15 16:06:53 New connection for "mgcp-xxxx-xcxx-pay-svc-sbx:europe-west2:xxxxx-sbx-postgres"
    2022/11/15 16:06:53 refreshing ephemeral certificate for instance mgcp-xxxx-xxxx-pay-svc-sbx:europe-west2:xxxx-sbx-postgres
    2022/11/15 16:06:53 Scheduling refresh of ephemeral certificate in 54m59

    2022/11/15 16:09:04 couldn't connect to "mgcp-xxxx-xxx-pay-svc-sbx:europe-west2:xxxxx-sbx-postgres": dial tcp 10.12.121.5:3307: connect: connection timed out
    psql: error: server closed the connection unexpectedly
            This probably means the server terminated abnormally
            before or while processing the request.

Upvotes: 0

Views: 293

Answers (1)

guillaume blaquiere

Reputation: 75715

Because of the peering transitivity limitation, you can't achieve that. You have 2 solutions:

  • Set up your Cloud Composer in your Shared VPC
  • Set up a VPN (yes a VPN!) between the Composer VPC (default?) and the Shared VPC.

Upvotes: 3
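Added example (not part of the question or the answer): a simplified Python model of route exchange that shows why the peered setup times out and why the two suggested options work. It assumes the Cloud SQL private IP sits in a Google-managed producer network peered to the Shared VPC, that in the VPN case the Cloud SQL range is advertised over the tunnel, and that custom route export is enabled on the Shared VPC's peering to the producer network; all network names are hypothetical.

```python
from collections import defaultdict

class Topology:
    """Toy model of route exchange between VPC networks; not GCP's implementation."""
    def __init__(self):
        self.peers = defaultdict(set)  # VPC peering links
        self.vpns = defaultdict(set)   # VPN tunnel links
        self.exports = set()           # (a, b): a exports custom routes to peer b

    def peer(self, a, b, exporter=None):
        self.peers[a].add(b)
        self.peers[b].add(a)
        if exporter is not None:  # exporter passes its custom routes to the other side
            self.exports.add((exporter, b if exporter == a else a))

    def vpn(self, a, b):
        self.vpns[a].add(b)
        self.vpns[b].add(a)

    def _direct(self, n):
        # Peering shares a network's own subnets only, never routes learned from other peers.
        return {n} | self.peers[n]

    def _via_vpn(self, n):
        # Assumption: each VPN end advertises its own and its peers' ranges.
        return set().union(*(self._direct(u) for u in self.vpns[n]))

    def routes(self, n):
        known = self._direct(n) | self._via_vpn(n)
        for u in self.peers[n]:
            if (u, n) in self.exports:  # peer u passes on its VPN-learned routes
                known |= self._via_vpn(u)
        return known

    def can_connect(self, a, b):
        # A TCP session needs a forward route and a return route.
        return b in self.routes(a) and a in self.routes(b)

def scenarios():
    src, hub, sql = "composer-vpc", "shared-vpc", "sql-producer-vpc"  # hypothetical names
    asked, vpn, bare = Topology(), Topology(), Topology()
    asked.peer(src, hub)              # setup from the question: two chained peerings
    asked.peer(hub, sql)
    vpn.vpn(src, hub)                 # answer, option 2
    vpn.peer(hub, sql, exporter=hub)
    bare.vpn(src, hub)                # same VPN, custom route export left off
    bare.peer(hub, sql)
    return {"peering_chain": asked.can_connect(src, sql),
            "in_shared_vpc": asked.can_connect(hub, sql),
            "vpn_export": vpn.can_connect(src, sql), "vpn_no_export": bare.can_connect(src, sql)}
```

In this model the last case fails only on the return path: the producer network never learns a route back to the Composer range.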
