Issues SQL connection with a specific account
I'm having an issue with the CloudSQL connection on a specific account. If I use account A to preview the project it works fine, yet account B with the exact same cloudSQL credentials is unable to preview, account B is the owner of the project.
They both have the same IAM roles in the cloudSQL project and both accounts were able to preview last week. I've tried deleting cache, navigation files and another browser using account B.
Any ideas?
I'm going to add a new answer to resolve this because I think it's worthwhile to keep the previous answer and discussion intact. The issue here was that the accounts which did not work have the "Viewer" role in the IAM & Admin section of the Google Cloud SQL project. The Viewer role gives (among other permissions) read access to Cloud SQL, but not write access.
The best role to use if restricted access is required, but they need full access to read/write SQL, is the Google Cloud SQL Client role. See https://cloud.google.com/sql/docs/mysql/project-access-control for more information on roles and what access they give.
Thanks for Juan for help tracking all this down.
Edit: It's also worth mentioning that the reason this works in the Editor, but not in Preview/Deployments is the editor is explicitly whitelisted for access (as one of the steps we ask you to do in the documentation), so it doesn't use role permissions for a particular account, while access through your deployments is not explicitly whitelisted in this way, so role permissions are enforced.
- How to export data from Google BigQuery to PostgreSQL
- How to connect Google Data Studio to Google Cloud SQL
- database connection URI string for GCP cloudsql postgres database?
- Best way to import Google Cloud SQL data into BigQuery
- Creating a CloudSQL IAM user different than logged in IAM user
- How to lower costs of having MySQL db in Google Cloud
- Google Cloud Functions and Cloud SQL - Intermittent Connection Errors & SQL Admin Quota
- Secret Manager with Spring Boot issue
- How to fix mysql access denied on google-cloud-platform compute instance
- In Google Cloud SQL Postgres how do I avoid log_min_messages as not superuser?
- How to simplify and remove overlap in GeoJSON polygons
- ERROR 2005 (HY000): Unknown MySQL server host '[35.232.51.216]' (0) in google cloud SQL client
- How to increase the connection limit for the Google Cloud SQL Postgres database?
- Removing 0.0.0.0/0 as allowed IP from a Google SQL instance production
- How to connect Sequelize to Google Cloud SQL database when I have deployed my Node.JS backend api?
- Does Cloud SQL have a query console or is CLI the only option?
- Connection between Private GKE and Cloud SQL
- Connecting Google App Engine to a Cloud SQL (Prisma) Postgres instance (through Bitbucket CI/CD)
- Why would Mysql return "error Column cannot be null"?
- PostgreSQL autovacuum causing significant performance degradation
- Unable to connect from BigQuery job to Cloud SQL Postgres
- Unable to pip install google.cloud.sql.connector when building docker image
- Trying to find the `recommended dns` data for GCP Cloud SQL instance
- Failing to upgrade postgres 11 instance to postgres 15 instance on Google cloud Sql
- Error "address already in use" when trying to connect to google cloud SQL using cloud-sql-connector
- Using SQLAlchemy to migrate databases (sqlite to Postgres CloudSQL)
- Local MySQLdb connection fails with AttributeError for paramstyle when running GAE development server
- Error with Django application on Cloud Run using Cloud SQL PostgreSQL DB - cannot connect to database
- Cloud Function cannot connect to Cloud SQL with "upstream request timeout"
- Create CloudSQL instance without public IP