Securely Connecting to Google Cloud SQL from Porter

Porter supports connecting to a Google Cloud SQL database using the Cloud SQL Auth proxy. This connection method provides Google Cloud users strong encryption and IAM-based authentication when accessing a MySQL, PostgreSQL, or SQL Server instance hosted on Cloud SQL.

If you don't already have a Cloud SQL instance, please refer to the official docs for creating a Cloud SQL instance.

πŸ“˜

This guide will demonstrate how to securely connect to a PostgreSQL instance hosted on Cloud SQL. That said, the steps for connecting to MySQL or a generic SQL Server on Cloud SQL are virtually identical.

  1. First, navigate to the Launch tab from the Porter dashboard and choose to create either a Web Service or Worker (depending on whether you would like to expose your service to external traffic).

  2. After naming your service and configuring any desired application settings, navigate to the Advanced tab under Additional Settings and select Enable Google Cloud SQL Proxy:

Cloud SQL proxyCloud SQL proxy

  1. You will be prompted for an Instance Connection Name, Database Port, and Service Account JSON. First, go to your Cloud SQL dashboard and copy your database's Instance Connection Name into Porter:

Instance connection nameInstance connection name

  1. Next, on the Porter dashboard specify the port for your database. Defaults are: Postgres: 5432, MySQL: 3306, SQLServer: 1433.

  2. Finally, copy the raw JSON of your Cloud SQL Service Account into the Service Account JSON field. If you don't already have a Cloud SQL Service Account, you should create a Service Account with Cloud SQL access permissions:

Service Account JSONService Account JSON

  1. After deploying your template, your service should be able to connect to your Cloud SQL database via localhost.

If you would like to learn more about connecting to Cloud SQL via Auth proxy, please refer to refer to the official Google Cloud guide for additional information.