Unfortunately no, not easily. Cloud SQL is a service deployed from Private Services (a Google-managed VPC) and when you instantiate an instance of it, that Cloud SQL is peered to your project's VPC where you deploy it. That means there's already one degree of VPC peering happening. VPC peering is not transitive sadly. So e.g. you have VPC A peered to VPC B, and VPC B is peered to VPC C. VPCs A and C cannot see each other.
Ways around this are to use VPC Sharing instead of peering, and use hosted projects to house your data (shared VPCs can see each other okay), or use Public IP on your Cloud SQL instance (but don't use authorized networks which becomes more of a security issue) and use the SQL Proxy like you are. You can also set up a bastion instance in the VPC with Cloud SQL. Use a VM with a public IP that you lock down to only be able to communicate with the application VPC, and use something like a Socks5 proxy on the bastion instance.
| Gabe Weiss (he/him) | | Developer Advocate | | gweiss@google.com |
On Fri, Jul 8, 2022 at 9:18 AM 변재천 <byunddong88@gmail.com> wrote:
I made two VPCs and connected them with peering.
Can I access Cloud SQL in B-VPC from VM in A-VPC?
SQL Proxy and Public IP are not being used.
Cloud SQL is using private IP.
--
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/871246a5-5c07-413d-8a17-cbba2e0fb0a8n%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/CAM9LKEr%3DtB2Wq%3DXEY94EGzXgDSeZ%2ByOmSgEkKCrDt-vMZ7paVQ%40mail.gmail.com.
No comments:
Post a Comment