[google-cloud-sql-discuss] Connect to Cloud SQL Private Postgres instance from outside

Hi !

I am trying to connect to Cloud SQL Private Postgres instance from outside GCP.

The Postgres instance does not have a public IP and is using a VPC network. To reach it I am using the cloud sql docker proxy on OSX and a service account with the cloud sql admin role and cloud sql API enabled.

I am able to start the proxy and request a connection to the instance:

$ Listening on 0.0.0.0:5432 for myproject:northamerica-northeast1:myproject-database-someid
$ Ready for new connections
$ New connection for "myproject:northamerica-northeast1:myproject-database-someid"
 

The request eventually times out as it is refused:

$ couldn't connect to "myproject:northamerica-northeast1:myproject-database-someid": dial tcp 192.168.0.3:3307: connect: connection refused

However in the Postgres database logs I can see that the request was reached and authorized:

{ ...,
authorizationInfo:
[ 0:
{
granted: true
permission: "cloudsql.instances.connect"
resource: "instances/myproject-database-someid"
resourceAttributes: {}
} ]
methodName: "cloudsql.instances.connect"

I have tried applying firewall rules (open port 3307) on the VPC network to no avail.

--
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/80f5504e-3908-4841-b728-f4f02307af2b%40googlegroups.com.