Google Cloud Professional Cloud Developer — Question 2

You are planning to migrate a MySQL database to the managed Cloud SQL database for Google Cloud. You have Compute Engine virtual machine instances that will connect with this Cloud SQL instance. You do not want to whitelist IPs for the Compute Engine instances to be able to access Cloud SQL.
What should you do?

Answer options

• A. Enable private IP for the Cloud SQL instance.
• B. Whitelist a project to access Cloud SQL, and add Compute Engine instances in the whitelisted project.
• C. Create a role in Cloud SQL that allows access to the database from external instances, and assign the Compute Engine instances to that role.
• D. Create a CloudSQL instance on one project. Create Compute engine instances in a different project. Create a VPN between these two projects to allow internal access to CloudSQL.

Correct answer: A

Explanation

The correct answer is A because enabling private IP allows the Compute Engine instances to connect to the Cloud SQL instance over a private network without needing to whitelist IPs. Options B, C, and D involve methods that require additional configurations or external access, which do not meet the requirement of avoiding IP whitelisting.