2

I have configured private Service Access for Cloud SQL from my VPC. My VPC has 2 subnets in regions us-west1 and us-central1.

The issue is:

My app is NOT able to connect to the Cloud SQL instance from us-west1 (subnet), but it is able to connect from the other region, us-central1, fine.

I believe the private Service Access is at the VPC level, so all subnets in that VPC should be able to connect to the Cloud SQL instance fine.

Help appreciated!

Daniele Santi
Pratap

3 Answers

2

As stipulated in the GCP public documentation at this link, in the network requirements paragraph:

To access a Cloud SQL instance on its private IP addresses, you must use a GCP resource in the same region.

Please make sure that the app is in the same region as the Cloud SQL instance.

Django
1

Thought I'd give a more up-to-date answer as it should work now according to the updated documentation:

You can connect through private IP from any region. You can also connect through Shared VPCs between projects.

I was able to connect a Cloud Run service using the serverless VPC connector (beta as of now) from a different region than my DB using the private IP.

ahong
1

In addition to Django's answer above:

The GCP resources you will use to connect to your Cloud SQL instance must also be in the same region as your Cloud SQL instance, and use a subnet of the VPC network in that region as well. These resources could be Compute Engine instances (VMs) or Google Kubernetes Engine instances.

Ref: https://cloud.google.com/sql/docs/postgres/configure-private-ip

This applies to both MySQL and PostgreSQL.

This is a known limitation with Google Cloud Networking as of the time of this writing. I am just hopeful that it will be supported in the near future.

Eduardo B.