Google Professional Cloud Database Engineer

Get started today

Ultimate access to all questions.

Explanation:

To secure a Cloud SQL instance so that it only receives connections from applications running in your VPC environment, especially from Cloud Run, the best approach is to use a private IP address for the Cloud SQL instance. This ensures that the instance is not accessible from the public internet. Configuring a private service connection for the VPC and setting up a Serverless VPC Access connector allows Cloud Run services to communicate with the Cloud SQL instance within the same VPC network. Using the Cloud SQL Auth proxy is recommended for secure connections, as it provides encryption and IAM-based authorization without the need for managing SSL certificates. Therefore, option C is the correct choice as it covers all these aspects effectively.

Explanation:

Comments (0)

No comments yet.

How can you configure a Cloud SQL instance to only accept connections from applications within your Google Cloud VPC when deploying an application on Cloud Run?

Exam-Like

Last updated: December 21, 2025 at 14:03

Create your instance with a specified external (public) IP address. 2. Choose the VPC and create firewall rules to allow only connections from Cloud Run into your instance. 3. Use Cloud SQL Auth proxy to connect to the instance.

3.0%

Create your instance with a specified external (public) IP address. 2. Choose the VPC and create firewall rules to allow only connections from Cloud Run into your instance. 3. Connect to the instance using a connection pool to best manage connections to the instance.

6.1%

Create your instance with a specified internal (private) IP address. 2. Choose the VPC with private service connection configured. 3. Configure the Serverless VPC Access connector in the same VPC network as your Cloud SQL instance. 4. Use Cloud SQL Auth proxy to connect to the instance.

69.7%

Powered ByGPT 5.4 powered

Create your instance with a specified internal (private) IP address. 2. Choose the VPC with private service connection configured. 3. Configure the Serverless VPC Access connector in the same VPC network as your Cloud SQL instance. 4. Connect to the instance using a connection pool to best manage connections to the instance.