nerdexam
Google

PROFESSIONAL-CLOUD-DEVELOPER · Question #317

You are using Cloud Run and Cloud SQL for PostgreSQL to develop an application. You want to test your application code locally before deploying new application versions to the development environment

The correct answer is B. Download and install the Cloud SQL Auth Proxy to your local development environment.. The Cloud SQL Auth Proxy (option B) is the Google-recommended tool for this exact scenario. It runs as a local sidecar process that intercepts database connections from your application and tunnels them to Cloud SQL over an encrypted TLS connection, while handling IAM-based authe

Developing and Deploying Applications

Question

You are using Cloud Run and Cloud SQL for PostgreSQL to develop an application. You want to test your application code locally before deploying new application versions to the development environment that is shared with other developers. You need to set up your Cloud Run local development environment to test your application while keeping all traffic to Cloud SQL instances encrypted and authenticated to Cloud IAM and PostgreSQL. What should you do before starting the local development server?

Options

  • AInstall PostgreSQL on your local workstation. Run a local PostgreSQL database on your
  • BDownload and install the Cloud SQL Auth Proxy to your local development environment.
  • CDeploy a Compute Engine instance, and install HAProxy on the instance. Configure Cloud SQL
  • DConfigure your local development server to connect to the private IP address of the Cloud SQL

How the community answered

(23 responses)
  • B
    96% (22)
  • C
    4% (1)

Explanation

The Cloud SQL Auth Proxy (option B) is the Google-recommended tool for this exact scenario. It runs as a local sidecar process that intercepts database connections from your application and tunnels them to Cloud SQL over an encrypted TLS connection, while handling IAM-based authentication automatically using Application Default Credentials. Your application connects to localhost as if it were a local PostgreSQL instance, but all traffic to the actual Cloud SQL instance is encrypted and authenticated. Option A (installing local PostgreSQL) creates a completely separate database with no connection to Cloud SQL and does not test real Cloud SQL behavior. Option C (Compute Engine with HAProxy) is overly complex and does not provide IAM authentication. Option D (connecting via private IP) requires VPN or Cloud VPN setup to reach private Cloud SQL IPs from a local workstation and does not handle IAM auth.

Topics

#Cloud SQL Auth Proxy#Local Development#Database Connectivity#Security Best Practices

Community Discussion

No community discussion yet for this question.

Full PROFESSIONAL-CLOUD-DEVELOPER Practice