This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Connect Cloud Functions with Cloud SQL

Posted 2 weeks ago
purna05
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi Team

I'm working on the same process where my cloud SQL MySql instance was created in projectA and I want to access MySql from projectB using cloud functions. 

ProjectA details:
ProjectID : migration-project-421317
CloudSQL Instance Name : (migration-project-421317:us-central1:testsql)
VPC Network: testsqlvpc
Service account : (added service account of projectB and cloudsql client role)

ProjectB details :
ProjectID : steel-math-354217
Cloud Function Name : vpc-function
Serverless VPC access : cloud-sl-vpc-connect (10.8.0.0/28 as IP range)
VPC network : vpcforcf
SA : default service account

created 2gen with HTTPS trigger checked Allow unauthenticated invocations.
 Runtime SA : default SA
Build SA : default SA
Ingress : Allow ALL
Egress : Network = Serverless VPC access : cloud-sl-vpc-connect

took runtime as python39 and prepared a basic script to add data into particular column in MySql Database. Test Function was green with 0 errors and successfully deployed with 0 errors. but when i try to Test function it executed with POST 200 status and I'm getting below error and no error logs

purna05_0-1714645967533.png

 

purna05_1-1714645967548.png

 

 

1 4 180
Topic Labels
4 REPLIES 4

Posted on --/--/---- --:-- AM
juliadeanne
Staff
Reply posted on --/--/---- --:-- AM

Hello @purna05,

Welcome to the Google Cloud Community!

Could you please re-upload the images with the error message or type it out here? I cannot see the error message clearly. Thanks!

Posted on --/--/---- --:-- AM
purna05
Bronze 3
Bronze 3
In response to juliadeanne
Reply posted on --/--/---- --:-- AM

Hi @juliadeanne ,

Refer Cloud SQL and serverless VPC access details:
Cloud SQL instance (testsql) with Private IP 

purna05_1-1715103069692.png

 

create SQL instance with (VPC-b) VPC network:

purna05_0-1715103004216.png

Serverless VPC access details:

purna05_2-1715103228598.png

 

Cloud Funtion details:

purna05_4-1715103409841.pngpurna05_5-1715103579551.png

I specified all IAM roles. even though I'm getting the same error.

If possible can we connect once on Google Meet to sort out this issue? 



Posted on --/--/---- --:-- AM
juliadeanne
Staff
In response to purna05
Reply posted on --/--/---- --:-- AM

Hello @purna05,

Welcome to the Google Cloud Community!

The error message shows that the Cloud Function in projectB does not have the permissions required to use the VPC connector (vpc-connection-sql) for connecting to your Cloud SQL instance in projectA.

Try these steps to fix the issue:
- Open the Google Cloud Console and go to IAM & Admin -> IAM.
- Choose projectA (migration-project-421317) from the project list.
- Look for "VPC Access Connector User" under "Roles."
- Make sure the service account from projectB (steel-math-354217) is assigned the "VPC - Access Connector User" role, which allows it to use the VPC connector.

Additionally, make sure the Serverless VPC Connector in Project B is configured correctly and connected to the appropriate VPC network. Check that its IP range is correct and does not overlap with other networks.

If you need more help troubleshooting this issue, consider contacting Google Cloud Support. They can provide screen sharing and discuss the issue further with you. Visit: Google Cloud Support Hub .

Posted on --/--/---- --:-- AM
purna05
Bronze 3
Bronze 3
In response to juliadeanne
Reply posted on --/--/---- --:-- AM

Hi @juliadeanne 
I tried assigning proper permission to cloud functions and vpc network. but even though the same error is occurring. if possible can we connect and discuss resolving it in Google Virtual connect? I appreciate your time.