Thursday, October 29, 2020

[google-cloud-sql-discuss] Re: Google Cloud Platform - forward ports to multiple SQL instances

IP traffic using private services access is never exposed to the public Internet. Therefore, attack vectors are limited. Also, private IP can provide lower network latency than public IP. If you try to connect external clients to the VPC, you defy its primary purpose. In any case, you can connect external clients to your Cloud SQL instances directly, as detailed on the "Connecting to Cloud SQL from external applications" documentation page.

On Wednesday, 28 October 2020 at 14:55:38 UTC-4 Bas wrote:

I am running multiple SQL instances in Google Cloud Platform (GCP). I have multiple masters with some read-replicas. Each instance has a private IP-address based on the region it is in, all instances use the same stock MySQL port (3306).

In the same VPC I have a few compute engines that can connect to each of the SQL instances without any problems. But I also have a couple (10~15) clients that need to connect from outside the VPC, through the internet so to say.

The question is how can I forward certain ports to the right internal IP-address in my VPC? IE:

<public-ip>:12345 -> 10.x.x.1:3306
<public-ip>:23456 -> 10.x.x.2:3306
<public-ip>:34567 -> 10.x.x.3:3306  

I want to use a single firewall for the public-ip. If I set a public IP for each SQL instance I will need to set network access for each instance for each client. That is going to be a nightmare quite fast.
