google-cloud-platform google-cloud-sql google-vpc

connect local environment to CloudSQL with private IP


I have hosted my application in a CloudRun Container and connected it to CloudSQL. Everything is in a VPC Network and is running smoothly. Now I would like to modify data in production from a Database tool like DataGrid. Therefore I need to connect my local environment to my VPC-Network. I did this through a Cloud VPN Tunnel. Now I would like to connect to the SQL instance.

Here I got stuck and I'm wondering how I can establish the connection. It would be great if someone would know how I can solve this issue. Thanks!


Solution

  • My preferred solution is to use the public IP BUT without whitelisting any network. In fact, it's as if you have a public IP and all the connections are forbidden.

    The solution here is to use Cloud SQL proxy and to open a tunnel from your computer to the Cloud SQL database (that you reach on the public IP, but the tunnel is secured). It's exactly like a VPN connection: a secure tunnel.

    You can do this:

        ./cloud_sql_proxy -instances=<INSTANCE_CONNECTION_NAME>=tcp:3306

    • Connect your SQL client on localhost:3306

    If the port 3306 is already in use, feel free to use another one.


    If you prefer the private IP only (sometimes it's a security team requirement), I wrote an article on this.

    If you use a VPN (and you are connected to Cloud VPN), take care to open the correct routes and firewalls in both directions (in and out).
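
An added example, not part of the answer above: a Python helper for the proxy step that falls back to another local port when 3306 is taken and pins the listener to 127.0.0.1, so the tunnel is reachable only from your own machine. The helper function names are hypothetical and the instance connection name is a constructed placeholder.

```python
import re
import socket

PROXY_BIN = "./cloud_sql_proxy"  # binary name as used in the answer above

# project:region:instance, optionally prefixed with "domain.tld:" for
# domain-scoped projects. Anything else is rejected before it reaches argv.
_CONN_NAME = re.compile(r"^(?:[a-z0-9.-]+:)?[a-z0-9-]+:[a-z0-9-]+:[a-z0-9-]+$")


def port_is_free(port, host="127.0.0.1"):
    """Return True if host:port can be bound, i.e. nothing else holds it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind((host, port))
        except OSError:
            return False
    return True


def pick_local_port(preferred=3306, tries=20):
    """Return the first free loopback port at or above `preferred`."""
    for port in range(preferred, min(preferred + tries, 65536)):
        if port_is_free(port):
            return port
    raise RuntimeError(f"no free port in {preferred}..{preferred + tries - 1}")


def proxy_argv(conn_name, port):
    """Build the proxy command line with the listener pinned to loopback."""
    if not _CONN_NAME.match(conn_name):
        raise ValueError(f"not a project:region:instance name: {conn_name!r}")
    # tcp:PORT already listens on localhost only; writing 127.0.0.1 makes the
    # bind address explicit. 0.0.0.0 would expose the tunnel to the local network.
    return [PROXY_BIN, f"-instances={conn_name}=tcp:127.0.0.1:{port}"]


if __name__ == "__main__":
    # Constructed sample value, not a real instance.
    argv = proxy_argv("example-project:europe-west1:example-db", pick_local_port())
    print(" ".join(argv))
    print("point the SQL client at 127.0.0.1:" + argv[1].rsplit(":", 1)[1])
```

Pass the returned list to `subprocess.Popen` to start the proxy, then connect the SQL client to the printed address with the usual database user and password.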