This message was deleted.
# google-clouds
sparse-intern-71089
12/11/2023, 5:16 PMThis message was deleted.
l
limited-farmer-68874
12/12/2023, 6:54 PMI don't do anything special to get my cloud run services to access CloudSQL -- no need for annotations or anything like that.
I just grant the service account that runs the service "cloudsql.client" and "cloudsql.instanceUser"
Copy code
projects.IAMBinding(
f"cloud-sql-client-binding",
role="roles/cloudsql.client",
members=[
pulumi.Output.concat("serviceAccount:", sa.service_accounts[user].email)
for user in sql_users
],
project=project_id,
opts=pulumi.ResourceOptions(depends_on=sql_user_resources),
)
projects.IAMBinding(
f"cloud-sql-user-binding",
role="roles/cloudsql.instanceUser",
members=[
pulumi.Output.concat("serviceAccount:", sa.service_accounts[user].email)
for user in sql_users
],
project=project_id,
opts=pulumi.ResourceOptions(depends_on=sql_user_resources),
) Copy code
import os
from google.cloud.sql.connector import Connector
def create_connection():
with Connector() as connector:
return connector.connect(
os.getenv("CLOUD_SQL_CONNECTION_NAME"),
"pg8000",
db="my-db",
user=os.getenv("CLOUD_SQL_USER"),
enable_iam_auth=True,
)m
miniature-computer-95401
12/12/2023, 9:36 PMThanks. That was my fallback as well, and it works. It's just quite a bit slower ons creating the connection compared to using a Unix socket. I don't mind this on a cloud run instance, but it is unpleasant with short lived cloud functions.
l
limited-farmer-68874
12/12/2023, 9:37 PMAh... yeah, fair enough.
b
billions-piano-69192
06/09/2024, 4:34 PM@miniature-computer-95401 did you happen to figure this out?
l
limited-farmer-68874
06/09/2024, 6:01 PMFunny enough, because I wanted to use psycopg3, I ended up creating a custom solution to connect to Cloud SQL via unix sockets while still leveraging Cloud IAM auth:
https://github.com/GoogleCloudPlatform/cloud-sql-python-connector/issues/219#issuecomment-2038917429
b
billions-piano-69192
06/09/2024, 8:00 PMAh this is interesting. I'll give this a shot.