What are the IAM permissions required for an App engine service account to connect with a CloudSQL w

Time:01-06

  1. I created a Cloud SQL instance with a private IP in the us-central1 region.
  2. The Cloud SQL instance is accessible from a Compute Engine VM.
  3. I created a Serverless VPC Access connector in the us-central1 region.
  4. I deployed a Cloud Run app with the Serverless VPC Access connector, and it was able to connect to the Cloud SQL instance successfully.
  5. I deployed the same Docker container in my App Engine app. Now I get a Cloud SQL connection timeout error.

The service account used by my App Engine app has the following roles:

  • Artifact Registry Reader
  • Logs Writer

App Engine deployment config file (app.yaml)

service: demo-app
runtime: custom
env: flex

manual_scaling:
  instances: 1
resources:
  cpu: 1
  memory_gb: 0.5
  disk_size_gb: 10

vpc_access_connector:
  name: projects/<PROJECT_ID>/locations/<REGION>/connectors/sample-connector

service_account: app-engine@<PROJECT_ID>.iam.gserviceaccount.com

CodePudding user response:

Because you use App Engine Flex, you have to specify the network in your configuration. The VPC Access connector has no effect here.

If you set the network correctly (the same one your Cloud SQL instance is connected to), simply use the Cloud SQL private IP and access your database directly.
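The following app.yaml is an added example, not the original poster's file or the answerer's code: it is the poster's configuration with the `vpc_access_connector` block replaced by the `network` block that App Engine Flexible actually honours. The network name `my-vpc`, the subnet `my-subnet` and the address `10.0.0.5` are placeholders; substitute the VPC that your Cloud SQL instance's private IP is attached to, a subnet of that VPC in the service's region, and the instance's real private IP.

```yaml
# Added example (not from the original post): app.yaml for App Engine Flexible
# that places the instance on the VPC where the Cloud SQL private IP lives.
# Network, subnet and IP address values are placeholders (assumptions).
service: demo-app
runtime: custom
env: flex

manual_scaling:
  instances: 1
resources:
  cpu: 1
  memory_gb: 0.5
  disk_size_gb: 10

# Flex instances are Compute Engine VMs, so they are attached to a VPC with the
# `network` block. `vpc_access_connector` is an App Engine Standard setting and
# is ignored here, which is why the connector-based deployment timed out.
network:
  name: my-vpc                 # VPC the Cloud SQL private IP is in (placeholder);
                               # a Shared VPC needs the long form
                               # projects/<HOST_PROJECT_ID>/global/networks/my-vpc
  subnetwork_name: my-subnet   # subnet of that VPC in the same region as the
                               # service, here us-central1 (placeholder)

# Point the container at the Cloud SQL private IP directly; no proxy or
# connector sits in between once the VM is on the right network.
env_variables:
  DB_HOST: "10.0.0.5"          # Cloud SQL private IP (placeholder)
  DB_PORT: "3306"              # 5432 for PostgreSQL

service_account: app-engine@<PROJECT_ID>.iam.gserviceaccount.com
```

Two checks before redeploying: confirm the subnet's region matches the region of both the App Engine service and the Cloud SQL instance (a private IP is only reachable from the VPC it was allocated in, or from a network peered to it), and note that a direct TCP connection to the private IP needs no Cloud SQL IAM role on the service account; `roles/cloudsql.client` only matters when the Cloud SQL Auth Proxy or a language connector is used, which is not the case in this setup.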
