Access to Private IP Cloud SQL instance on default VPC not working from outside the network

Hello,

 

We have a Postgres Cloud SQL DB with a private IP in the default VPC network.
I would like to establish a connection from my local desktop to this DB. Using cloud proxy, the request times out, and while using gcloud compute start-iap-tunnel to the instance, I get an unauthorized exception.

I was wondering if this scenario is feasible and what setup/permissions I would need to do the same?

Thank you
Kiki


Hi @Kiki26,

Welcome to Google Cloud Community!

Direct Connection Methods (Not recommended):

  • Cloud SQL Proxy: Times out due to security restrictions.
  • IAP Tunnel: Results in "unauthorized exception" due to missing permissions.

Secure Connection Options:

  1. Cloud VPN:
    • Creates a secure tunnel between your local network and VPC.
    • Allows connection using private IP and standard tools.
  2. Cloud SQL Auth Proxy (Cloud IAP):
    • Enables secure connections using Cloud Identity-Aware Proxy (IAP).
    • Requires granting IAM access for your local desktop user.
    • Offers granular access control.

Choose the method based on:

  • Security Needs: Cloud VPN exposes more, IAP provides finer control.
  • Configuration Complexity: Cloud VPN is simpler to set up.

Additional Resources: