Answer-first summary for fast verification
Answer: 1. Create your instance with a specified internal (private) IP address. 2. Choose the VPC with private service connection configured. 3. Configure the Serverless VPC Access connector in the same VPC network as your Cloud SQL instance. 4. Use Cloud SQL Auth proxy to connect to the instance.
To secure a Cloud SQL instance so that it only receives connections from applications running in your VPC environment, especially from Cloud Run, the best approach is to use a private IP address for the Cloud SQL instance. This ensures that the instance is not accessible from the public internet. Configuring a private service connection for the VPC and setting up a Serverless VPC Access connector allows Cloud Run services to communicate with the Cloud SQL instance within the same VPC network. Using the Cloud SQL Auth proxy is recommended for secure connections, as it provides encryption and IAM-based authorization without the need for managing SSL certificates. Therefore, option C is the correct choice as it covers all these aspects effectively.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
How can you configure a Cloud SQL instance to only accept connections from applications within your Google Cloud VPC when deploying an application on Cloud Run?
A
B
C
D