Getting notAuthorized error with cloud_sql_proxy locally
I'm trying to setup a connection locally for 2nd generation cloud sql instance.
Call for the proxy is
./cloud_sql_proxy -dir=/cloudsql -instances=status-1268:us-central1:status-dev=tcp:3306 & mysql -u status_stg --host 127.0.0.1
I am a bit unclear on how to set up correctly the service accounts from the API section, so I tried with both of the defaults, App engine default service account and Compute engine default service account. I also created a new one service account. For each one of them I assigned the service account ID to be Editor and Owner from the manage permissions section. Perhaps there is another way to enable Cloud SQL Admin API for these accounts?
Output from proxy when my service tries to talk to DB:
./cloud_sql_proxy -dir=/cloudsql -instances=status-1268:us-central1:status- dev=tcp:3306 & mysql -u status_stg --host 127.0.0.1
ERROR 2003 (HY000): Can't connect to MySQL server on '127.0.0.1' (61)
2016/04/04 11:26:58 Open socket for "status-1268:us-central1:status-dev" at "127.0.0.1:3306"
2016/04/04 11:26:58 Socket prefix: /cloudsql
2016/04/04 11:27:10 Got a connection for "status-1268:us-central1:status-dev"
2016/04/04 11:27:11 couldn't connect to "status-1268:us-central1:status-dev": googleapi: Error 403: The client is not authorized to make this request., notAuthorized
2016/04/04 11:29:08 Got a connection for "status-1268:us-central1:status-dev"
2016/04/04 11:29:08 couldn't connect to "status-1268:us-central1:status-dev": googleapi: Error 403: The client is not authorized to make this request., notAuthorized
Thoughts on what to look for? I think I am missing something basic here configuring the service accounts.
(Overall, for my project I am running a node.js express app and hoping to connect it to 2nd gend cloud sql DB instance without having to expose it with 0.0.0.0 as I currently have working)
Thanks
Please double check the connection string. It sounds like your credentials are in order, so it's likely you have an error in the instance name.
I recommend copying & pasting the "Instance connection name" from the Cloud Console page for the instance:
- Can't figure out why I get App Engine flex "Uncaught Error: Call to undefined function Google\Protobuf\Internal\bccomp()"
- Migration from Container Registry to Artifact Registry for App Engine Standard Deployments
- Uploading a file Google App - Python
- gcloud not recognized as an internal or external command on Windows
- Not able to connect mysql with SSL enforced to app engine without connecting first in cloud shell
- GAE: find project name by project number
- Google Cloud Bigtable vs Google Cloud Datastore
- Can appengine files in asia.artifacts.../containers/images be safely deleted?
- Google App Engine is sending SVG with wrong mime-type
- Conflicting Errors with Google Cloud App Engine: App Already Exists But Can't Describe It
- A python web framework for google app engine
- Google Cloud Storage vs Google Cloud CDN
- gcloud.app.deploy Error Response: [13] Failed to create cloud build: invalid bucket
- Deleting a Google App Engine application
- Google App Engine slow cold boot time (Flask app)
- Why does my flex env google app engine instance have a minimum of 2 instances running, even when there is no traffic?
- JPA - When to use getTransaction() when persisting objects
- Python Headless Browser for GAE
- No api proxy found for service "memcache" GAE unittest2
- How to get the root directory of my app in google app engine?
- Install a NPM module in docker image and run it with golang app, using Google App Engine flex
- Migrate "App Engine Standard" away from"Container Registry?" (for "Artifact Registry")
- What is the best way to determine the maximum concurrent requests per instance for your App Engine or Cloud Run app?
- Do Google Cloud Task requests count towards concurrent requests in Google App Engine?
- Error migrating Google Cloud Container Registry to Artifact Registry: RESOURCE_EXHAUSTED
- Is it possible to receive email bounce notifications for google app engine - python?
- Google API - Cross platform client credential authentication
- Error during `gcloud app deploy` for GAE app: "Failed to create cloud build: invalid bucket"
- google cloud online glossary creation returning "empty resource name" error
- Hosting multiple customer websites on Google App Engine with Different custom domains pointing to different services