Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Database Engineer All Questions

View all questions & answers for the Professional Cloud Database Engineer exam
Go to Exam

Exam Professional Cloud Database Engineer topic 1 question 55 discussion

Actual exam question from Google's Professional Cloud Database Engineer
Question #: 55
Topic #: 1
[All Professional Cloud Database Engineer Questions]

You are writing an application that will run on Cloud Run and require a database running in the Cloud SQL managed service. You want to secure this instance so that it only receives connections from applications running in your VPC environment in Google Cloud. What should you do?

  • A. 1. Create your instance with a specified external (public) IP address.
    2. Choose the VPC and create firewall rules to allow only connections from Cloud Run into your instance.
    3. Use Cloud SQL Auth proxy to connect to the instance.
  • B. 1. Create your instance with a specified external (public) IP address.
    2. Choose the VPC and create firewall rules to allow only connections from Cloud Run into your instance.
    3. Connect to the instance using a connection pool to best manage connections to the instance.
  • C. 1. Create your instance with a specified internal (private) IP address.
    2. Choose the VPC with private service connection configured.
    3. Configure the Serverless VPC Access connector in the same VPC network as your Cloud SQL instance.
    4. Use Cloud SQL Auth proxy to connect to the instance.
  • D. 1. Create your instance with a specified internal (private) IP address.
    2. Choose the VPC with private service connection configured.
    3. Configure the Serverless VPC Access connector in the same VPC network as your Cloud SQL instance.
    4. Connect to the instance using a connection pool to best manage connections to the instance.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by chelbsik at Dec. 25, 2022, 10:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
chelbsik
Highly Voted 1 year, 11 months ago
Selected Answer: D
It's D, CloudSQL Auth proxy is not used when connecting to Private IP https://cloud.google.com/sql/docs/mysql/connect-run#configure https://cloud.google.com/sql/docs/mysql/connect-run#connection-pools
upvoted 11 times
gabrielosluz
1 year, 9 months ago
The Cloud SQL Auth proxy works with both public and private IP endpoints: https://cloud.google.com/sql/docs/mysql/connect-auth-proxy
upvoted 5 times
...
...
dynamic_dba
Highly Voted 1 year, 8 months ago
D. Cloud Run to Cloud SQL connectivity can be done using private IPs. Eliminate A and B. C would be right except you wouldn’t use Cloud SQL Auth Proxy because Serverless VPC Access would connect directly to the Cloud SQL instance. The connection pool reference in D puts you off, but it is the right answer. The link provided by SVGoogle89 is spot on.
upvoted 5 times
...
rglearn
Most Recent 4 weeks, 1 day ago
Selected Answer: D
cloud Run has built in SQL auth Proxy hence we dont need to it use it explicitly.
upvoted 1 times
...
Pime13
6 months, 3 weeks ago
Selected Answer: D
D: https://cloud.google.com/sql/docs/mysql/connect-run#connect
upvoted 2 times
...
PKookNN
10 months ago
Selected Answer: D
https://cloud.google.com/sql/docs/mysql/connect-run#connect_to - said clearly that there is no need for Cloud SQL Auth Proxy when using with Cloud Run.
upvoted 2 times
...
LaxmanTiwari
10 months, 1 week ago
API Quota Limits Cloud Run provides a mechanism that connects using the Cloud SQL Auth Proxy, which uses the Cloud SQL Admin API. API quota limits apply to the Cloud SQL Auth Proxy. The Cloud SQL Admin API quota used is approximately two times the number of Cloud SQL instances configured by the number of Cloud Run instances of a particular service deployed at any one time. You can cap or increase the number of Cloud Run instances to modify the expected API quota consumed.
upvoted 1 times
LaxmanTiwari
10 months, 1 week ago
Selected Answer: C
upvoted 2 times
...
...
examprof
11 months, 2 weeks ago
Option D. This link explicitly indicates that "For private IP paths, your application will connect directly to your instance through Serverless VPC Access. This method uses TCP to connect directly to the Cloud SQL instance without using the Cloud SQL Auth Proxy." https://cloud.google.com/sql/docs/mysql/connect-run#connect_to
upvoted 3 times
...
AngieSoccerBall49
12 months ago
D is the correct answer. A common misconception.
upvoted 1 times
AngieSoccerBall49
12 months ago
When using Cloud Run to connect to Cloud SQL Private IP addresses, it is unnecessary to use the SQL Auth Proxy in Private IP mode. The Serverless VPC Access Connector (which has been superceded by Cloud Run's direct VPC Egress) should connect directly and leverage a connection pooler (potentially in your application via client library, probably better as a separate instance) for more consistent connections to the Cloud SQL DB. You would create a specific "user" for this purpose in your database.
upvoted 1 times
...
...
nhiguchi
1 year ago
Selected Answer: C
C is correct.
upvoted 1 times
...
juliorevk
1 year, 1 month ago
Selected Answer: C
https://cloud.google.com/sql/docs/mysql/connect-auth-proxy "Works with both public and private IP endpoints"
upvoted 1 times
...
ewelaz
1 year, 1 month ago
Selected Answer: D
it's d, Auth proxy is not used when connecting to Private IP
upvoted 2 times
...
nqthien041292
1 year, 2 months ago
Selected Answer: C
Vote C
upvoted 1 times
...
learnazureportal
1 year, 2 months ago
correct answer is C - The Cloud SQL Auth proxy acts as a secure intermediary between your Cloud Run application and the Cloud SQL instance, allowing for secure and authenticated database connections while keeping the database inaccessible from the public internet.
upvoted 1 times
...
CloudKida
1 year, 4 months ago
Selected Answer: C
https://cloud.google.com/sql/docs/mysql/connect-overview Configuring your instance with a private IP is preferred when connecting from a client on a resource with access to a VPC. For more information about what resources can use private IP, see Requirements for Private IP. For private IP paths, the following services and applications connect directly to your instance through Serverless VPC Access: App Engine standard environment App Engine flexible environment Cloud Functions Cloud Run
upvoted 2 times
...
Sandipcst
1 year, 5 months ago
C Cloud SQL Auth Proxy can connect Cloud SQL instance with private ip by specifying --private-ip argument in same VPC. Cloud Run can run a container that gets the auth proxy installable files and run the auth proxy in cloud Run in same VPC.
upvoted 1 times
...
abdenago
1 year, 5 months ago
Selected Answer: D
auth proxy isn't required with private serverless access, the connection pool increases reliability of the connection
upvoted 2 times
...
KennyHuang
1 year, 6 months ago
Selected Answer: C
The Cloud SQL Auth proxy provides a secure connection between your application running on Cloud Run and the Cloud SQL instance. It handles authentication and encrypts traffic.
upvoted 1 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel