Google Cloud Professional Data Engineer — Question 217

You need to connect multiple applications with dynamic public IP addresses to a Cloud SQL instance. You configured users with strong passwords and enforced the SSL connection to your Cloud SQL instance. You want to use Cloud SQL public IP and ensure that you have secured connections. What should you do?

Answer options

• A. Add CIDR 0.0.0.0/0 network to Authorized Network. Use Identity and Access Management (IAM) to add users.
• B. Add all application networks to Authorized Network and regularly update them.
• C. Leave the Authorized Network empty. Use Cloud SQL Auth proxy on all applications.
• D. Add CIDR 0.0.0.0/0 network to Authorized Network. Use Cloud SQL Auth proxy on all applications.

Correct answer: C

Explanation

The correct answer is C because using the Cloud SQL Auth proxy allows secure connections without needing to specify IP addresses in the Authorized Network. Options A and D expose the Cloud SQL instance to all IPs, which is insecure. Option B, while potentially safer than A and D, still requires constant updates and does not utilize the security benefits of the Cloud SQL Auth proxy.