Google Cloud Professional Cloud Developer — Question 331

You have a Cloud Run service that needs to connect to a Cloud SQL instance in a different project. You provisioned the Cloud Run service account with the Cloud SQL Client IAM role on the project that is hosting Cloud SQL. However, when you test the connection, the connection fails. You want to fix the connection failure while following Google-recommended practices. What should you do?

Answer options

• A. Add the cloudsql.instances.connect IAM permission to the Cloud Run service account.
• B. Request additional API quota for Cloud SQL Auth Proxy,
• C. Enable the Cloud SQL Admin API in both projects.
• D. Migrate the Cloud SQL instance into the same project as the Cloud Run service.

Correct answer: C

Explanation

The correct answer is C because enabling the Cloud SQL Admin API in both projects is essential for the Cloud Run service to communicate with the Cloud SQL instance across different projects. Option A is incorrect as simply adding IAM permissions does not resolve the connectivity issue without the API enabled. Option B is irrelevant to the specific connection problem described, and Option D is not a recommended practice as it involves unnecessary migration of resources.