Google Cloud Professional Cloud Database Engineer — Question 2

You are developing a new application on a VM that is on your corporate network. The application will use Java Database Connectivity (JDBC) to connect to Cloud SQL for PostgreSQL. Your Cloud SQL instance is configured with IP address 192.168.3.48, and SSL is disabled. You want to ensure that your application can access your database instance without requiring configuration changes to your database. What should you do?

Answer options

• A. Define a connection string using your Google username and password to point to the external (public) IP address of your Cloud SQL instance.
• B. Define a connection string using a database username and password to point to the internal (private) IP address of your Cloud SQL instance.
• C. Define a connection string using Cloud SQL Auth proxy configured with a service account to point to the internal (private) IP address of your Cloud SQL instance.
• D. Define a connection string using Cloud SQL Auth proxy configured with a service account to point to the external (public) IP address of your Cloud SQL instance.

Correct answer: C

Explanation

The correct answer is C because using the Cloud SQL Auth proxy with a service account allows secure access to the internal IP of the Cloud SQL instance without requiring any database configuration changes. Option A is incorrect because it uses Google credentials instead of database credentials. Option B is wrong as it doesn't utilize the Cloud SQL Auth proxy, and option D is not suitable since it points to the external IP instead of the internal IP.