<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2634489&amp;fmt=gif">

Infrastructure, Databases, Cloud Migration

How can I access the Cloud SQL with private IP only from another Project/VPC?

By Erickson Joseph Santos | March 15, 2022

We are trying to migrate a GCE DB instance residing in Project-A / VPC-A, to an existing Cloud SQL instance residing in Project-B / VPC-B that has private IP only. 


Best answer by guillaume blaquiere

You can’t!


In fact, when you have a private IP on a Cloud SQL instance, Google creates a peering between the VPC A and the Cloud SQL managed by google world

In project B, to access to VPC A, you need to create another peering. And there is a golden roule in VPC peering with GCP: the peering is not transitive. Which mean:

if A → B and B → C, a CAN’T reach C because of lack of transitivity



Use public IP without authorized network and Cloud SQL proxy for that. I know, the security teams hate that, and I’m fighting everyday to teach them!!


You can also use a dirty hack. Instead of peering between VPC A and VPC B, you can create a VPN. It’s more expensive, but it solves your issue ;)

Recent Articles

Google Cloud Strategy

AI Cheat Sheet

AI is no more and no less the drive to create robots with human minds so they can do everything we do and more. Use this cheat sheet to help decode the space.
By Leah Zitter
AI and Machine Learning

CarCast with Bruno Aziza: What Makes Us Better Than AI?!

Unlock the secrets of human cognitive superiority over AI in this compelling CarCast with Bruno Aziza and Kenneth Cukier.
By Bruno Aziza
AI and Machine Learning

CarCast with Bruno Aziza: The Metrics You CAN'T Afford To ...

Discover essential CEO metrics: Rule of 40, CAC Ratio, NRR/GRR, and more. Optimize your business for success now!
By Bruno Aziza