PROFESSIONAL-CLOUD-DEVELOPER · Question #368
PROFESSIONAL-CLOUD-DEVELOPER Question #368: Real Exam Question with Answer & Explanation
The correct answer is C: Enable the Cloud SQL Admin API in both projects.. For Cloud Run to connect to a Cloud SQL instance in another project, the Cloud SQL Admin API must be enabled in both the project hosting the Cloud Run service and the project hosting the Cloud SQL instance. This API is required to establish secure connections between the service
Question
You have a Cloud Run service that needs to connect to a Cloud SQL instance in a different project. You provisioned the Cloud Run service account with the Cloud SQL Client IAM role on the project that is hosting Cloud SQL. However, when you test the connection, the connection fails. You want to fix the connection failure while following Google-recommended practices. What should you do?
Options
- AAdd the cloudsql.instances.connect IAM permission to the Cloud Run service account.
- BRequest additional API quota for Cloud SQL Auth Proxy.
- CEnable the Cloud SQL Admin API in both projects.
- DMigrate the Cloud SQL instance into the same project as the Cloud Run service.
Explanation
For Cloud Run to connect to a Cloud SQL instance in another project, the Cloud SQL Admin API must be enabled in both the project hosting the Cloud Run service and the project hosting the Cloud SQL instance. This API is required to establish secure connections between the service and the database. You’ve already assigned the Cloud SQL Client IAM role, which includes the necessary cloudsql.instances.connect permission. Additional steps, like migrating the Cloud SQL instance to the same project or requesting API quota, are unnecessary and would not resolve the connection
Topics
Community Discussion
No community discussion yet for this question.