How do I whitelist private IP in Google Cloud SQL?
Asked Answered
M

3

5

I am trying to create an Autoscaling web application network over HTTP Load Balancing. The Web Server Instances are going to be connected to load balancer. Further the web instances have to be connected to mysql/cloud sql through the internal IP.

So just to conclude, I need to use the Linux Web Instance (Not App Engine) and Connect to MySql/Cloud SQL through Internal Network Only? Is it possible?

Thanks!

Mot answered 13/4, 2015 at 19:15 Comment(0)
E
6

It's not possible, you need to use an external IP as stated in the documentation:

Note: You must use the external (public) IP address of the GCE instance.

Also, you can find here that it's not possible to authorize a private network like the one specified:

You can not specify a private network (for example, 10.x.x.x) as an authorized network.

Euphemism answered 14/4, 2015 at 8:50 Comment(3)
Furthermore, I've found that this question has already been asked in Stack OverflowBrokenhearted
Thanks Adrian, now what that causes is a security concern, considering your internal traffic (ie. the MySQL Connection) is routed through a public / external network. One more point that I can think of is auto scaling. Since based on the parameters more VMs would be added, it would be required to automatically whitelist the public ip addresses assigned (this may change if not static)Mot
You can connect to your Cloud SQL instance using the SSL protocol. Regarding your other question, you can modify your instance template and add an startup-script that authorizes the instance IP with the corresponding gcloud SDK command.Brokenhearted
H
5

You should use the cloud SQL proxy.

It runs on the box providing secure access to your Cloud SQL database.

Example here for container engine: https://cloud.google.com/sql/docs/container-engine-connect

Hautesavoie answered 1/10, 2016 at 15:50 Comment(0)
V
-3

To access the CloudSQL the IP must be white listed. To white list an IP go to your project then on the side bar: Storage -> Cloud SQL. Select your instance then 'Access Control'. Under 'Authorization' click the '+' to add your IP.

Vaso answered 13/4, 2015 at 23:4 Comment(1)
Hi Ryan, it doesnt allow me to whitelist Private IPs (for example 10.0.0.0/24)Mot

© 2022 - 2024 — McMap. All rights reserved.