is it safe to open Google SQL instance for any IP but with SSL connection only?

I have an application that using Google mysql database anywhere, so I opened my instance for any ip address by whitelisting the subnet in this way :0.0.0.0/0

But I also made it available for ssl connections only with certificates and now I am connecting with that way.

Is that secure enough ? And will it be possible for the hackers to hack my database ?

Thank you

Solution

If you are using the 'Only allow SSL connections.' then you should be reasonable safe. I would also recommend using the mysql passwords.

Note that the SSL verification is done by mysqld so the instance needs to spin up to check each connection that passes the IP ACL. If you use whitelist then 0.0.0.0/0 then anyone can spin up your instance. This is not an issue for the monthly plan but it will probably be if you plan to take advantage of the on-demand mode.

Implicitly trust SSL certificates in iOS app for private API
How do I setup a SSL certificate for an express.js server?
node-forge: save DER encoded certificate to file
How to install OpenSSL in windows 10?
Comparing if *.csr and *.pem files match
How to secure multiple wildcard domain names in single SSL certificate?
How to force Visual Studio to re-create the SSL certificate for a .NET Core Web Application running Kestrel?
Importing SSL Certificate into Eclipse
"PKIX path building failed" and "unable to find valid certification path to requested target"
Why is my localhost self-signed SSL certificate suddenly invalid in Chrome?
CURL showing "No required SSL certificate was sent" eve
HTTPS connections to cloudfront / S3 using godaddy domain
SSL Certificate to JSON
How to properly create a secure web server with Dart?
LetsEncrypt SSL on IP Address
Generate DER format public key from PEM format certificate and PEM format public key
IIS10 SSL Configuration for Multiple Sites and more than one SSL Cert
How to get subject hash of a PEM certificate
react-native java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
Tomcat server AND HTTP Client accepting expired self-signed certificate
Installed SSL certificate in certificate store, but it's not in IIS certificate list
Create a .crt for android
"Key vault reference error" in azure web app configuration setting
How to properly install certificates on Docker in ASP.NET Core application?
AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot, NotValidTime
Weak Self-Signed Certificate and HTTPS Error for IP Address on iOS
Challenge failed for http 01
Cannot install anything with brew, Error: Failed to download resource "git--html"
Error: unable to verify the first certificate in nodejs
"javax.servlet.request.X509Certificate" request attribute does not return CA certs