Cloud SQL IAM based auth for postgres and mysql

[aswath-s-tw]

Is there any existing documentation or reference around how to connect to Cloud SQL instances from App Engine or Cloud Run using IAM authentication ? I think a connector library is available for Python, Java and Golang. But I don't see a standard available for Node JS. The end goal is to authenticate to a Cloud SQL database with IAM and without a password (Node JS and Sequelize). Please update !

[kweinmeister]

Hi @aswath-s-tw , do these help? https://cloud.google.com/sql/docs/mysql/connect-app-engine-standard https://cloud.google.com/sql/docs/mysql/connect-run#node.js

[siddhsql]

same question here. problem is:

• what username do we use? is it the full email address of the SA or just the prefix without the @ and everything that follows it?
• what password do we use? the issue here is that although Cloud Run runs under identity of the IAM account, this identity does not propagate to the Docker process. elsewhere I read to set the password to gcloud sql generate-login-token. gcloud is not even available inside Docker process.
• what should be the hostname. else where I read /cloudsql/project:region:instance but this did not work for us

complete working example would be appreciated!

[enocom]

We recently released a Node.js Connector for Cloud SQL. See https://github.com/GoogleCloudPlatform/cloud-sql-nodejs-connector. We're working on adding support for Auto IAM AuthN in the meantime: https://github.com/GoogleCloudPlatform/cloud-sql-nodejs-connector/issues/58.

Meanwhile, there is a Cloud SQL integration on Cloud Run and App Engine, but it doesn't support Auto IAM AuthN. So you'll need to wait for the Node connector support.

[iennae]

https://github.com/GoogleCloudPlatform/cloud-sql-nodejs-connector/issues/58 looks like it was completed in May 2023 and https://github.com/GoogleCloudPlatform/cloud-sql-nodejs-connector/issues/80 provides additional context. closing this as resolved.