
Infrastructure, Databases, Cloud Migration

How can I access the Cloud SQL with private IP only from another Project/VPC?

By Erickson Joseph Santos | March 15, 2022

We are trying to migrate a GCE DB instance residing in Project-A / VPC-A, to an existing Cloud SQL instance residing in Project-B / VPC-B that has private IP only. 

 

Best answer by guillaume blaquiere

You can’t!

 

In fact, when you have a private IP on a Cloud SQL instance, Google creates a peering between VPC A and the Cloud SQL managed by Google world.

In project B, to access VPC A, you need to create another peering. And there is a golden rule in VPC peering with GCP: the peering is not transitive. Which means:

if A → B and B → C, A CAN’T reach C because of the lack of transitivity

https://cloud.google.com/vpc/docs/vpc-peering#restrictions

 

Use public IP without authorized network and Cloud SQL proxy for that. I know, the security teams hate that, and I’m fighting every day to teach them!!

 

You can also use a dirty hack. Instead of peering between VPC A and VPC B, you can create a VPN. It’s more expensive, but it solves your issue ;)
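
The non-transitivity rule from the answer, as an added example that is not part of the original answer: a small reachability model over the question's layout, where the Google-managed Cloud SQL network is peered with VPC-B. The network names are made up, and the model assumes that routes learned over a VPN are re-advertised across the adjacent peering (custom route export and advertisement configured).

```python
from collections import deque

PEERING, VPN = "peering", "vpn"

def reachable(links, src, dst):
    """Return True if src has a usable route to dst.

    links: list of (network_a, network_b, kind) tuples, kind is PEERING or VPN.
    Model (assumption of this sketch): routes imported over one VPC peering are
    never exported over another peering, so a path may not contain two peering
    hops in a row. VPN hops are not restricted.
    """
    adjacency = {}
    for a, b, kind in links:
        adjacency.setdefault(a, []).append((b, kind))
        adjacency.setdefault(b, []).append((a, kind))

    # Search state is (network, kind of the hop used to arrive there), because
    # whether a peering hop is allowed depends on the previous hop.
    start = (src, None)
    seen = {start}
    queue = deque([start])
    while queue:
        network, last_kind = queue.popleft()
        if network == dst:
            return True
        for neighbour, kind in adjacency.get(network, []):
            if kind == PEERING and last_kind == PEERING:
                continue  # peering is not transitive
            state = (neighbour, kind)
            if state not in seen:
                seen.add(state)
                queue.append(state)
    return False

# Constructed topologies; names are placeholders, not real resources.
CLOUDSQL = "cloudsql-managed-network"

# Peering VPC-A with VPC-B: two peering hops to Cloud SQL, so no route.
PEERED = [("vpc-a", "vpc-b", PEERING), ("vpc-b", CLOUDSQL, PEERING)]

# VPN between VPC-A and VPC-B instead: only one peering hop remains.
WITH_VPN = [("vpc-a", "vpc-b", VPN), ("vpc-b", CLOUDSQL, PEERING)]

if __name__ == "__main__":
    for name, topo in (("peering", PEERED), ("vpn", WITH_VPN)):
        print(name, "vpc-a -> cloud sql:", reachable(topo, "vpc-a", CLOUDSQL))
```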

