A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://cloud.google.com/sql/docs/postgres/connect-multiple-vpcs below:

Connect your instance to multiple VPCs | Cloud SQL for PostgreSQL

Connect your instance to multiple VPCs

Stay organized with collections Save and categorize content based on your preferences.

This page describes how to connect to your Cloud SQL instance across transitively peered VPCs.

Cloud SQL offers the following ways to connect your Cloud SQL instance to multiple VPCs using private IP:

Connect using custom advertised routes

You can use Cloud Router to configure custom advertised routes between two networks that go through an intermediate VPC to connect multiple VPCs to your Cloud SQL instance. The two VPCs must be connected using a virtual private network (VPN), Cloud Interconnect , or any other Cloud Router supported network.

With custom advertised routes, your Cloud SQL VPC, VPC C, is connected to your main VPC, VPC A, using an intermediate VPC, VPC B. You can configure shared routes between these networks in the following ways:

We recommend using custom advertised routes to connect multiple VPCs to your Cloud SQL instance using Cloud Router.

You can set up an intermediate proxy, such as SOCKS5 proxy, on an intermediate VPC along with the Cloud SQL Auth Proxy in your main VPC between the client and your Cloud SQL instance. This enables the intermediate node to forward encrypted traffic from the Cloud SQL Auth Proxy to the Cloud SQL instance.

To use an intermediary proxy to connect to your Cloud SQL instance from multiple VPCs, follow these steps:

  1. On your external client, install gcloud CLI.

  2. On the intermediary VM, install, configure, and run a SOCKS server. One example of this server is Dante, a popular open source solution.

  3. Configure the server to bind to the VM's ens4 network interface for both external and internal connections. For internal connections, specify any port.

  4. Configure your VPC's firewall to allow TCP traffic from the appropriate IP address or range to the SOCKS server's configured port.

  5. On your external client, download and install the Cloud SQL Auth Proxy.

  6. On your external client, start the Cloud SQL Auth Proxy.

    Because you configured your instance to use an internal IP address, when you start the Cloud SQL Auth Proxy, you must provide the --private-ip option.

    Also, set the ALL_PROXY environment variable to the intermediary VM's IP address and specify the port that the SOCKS server uses. For example, ALL_PROXY=socks5://VM_IP_ADDRESS:SOCKS_SERVER_PORT.

    Note: The default port for the SOCKS server is 1080.

    If you're connecting from a peered VPC, then use the intermediary VM's internal IP address; otherwise, use its external IP address.

  7. On your external client, test your connection using psql.

Connect using the Cloud SQL Auth Proxy as a service

You can install and run the Cloud SQL Auth Proxy on your intermediate VPC instead of your external client and enable secure connections by pairing it with a protocol-aware proxy, also known as a connection pooler. Examples of connection poolers include PGbouncer, or Pgpool-II(PostgreSQL only).

This connection method allows your applications to securely connect directly to the pooler using a configured SSL. The pooler passes databases queries to your Cloud SQL instance using the Cloud SQL Auth Proxy.

Note: You'll need to set up your own secure connection. These connections aren't secured by Cloud SQL. Connect using Private Service Connect

Private Service Connect allows you to connect to multiple VPC networks across different projects or organizations. You can use Private Service Connect to connect to either a primary instance or any of its read replicas. For more information about Private Service Connect, see Private Service Connect overview.

To connect across multiple VPCs using Private Service Connect, see Connect to an instance using Private Service Connect.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-07-02 UTC.

[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-02 UTC."],[],[]]


RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4