Cannot seem to get GCP VPC Connector to CloudSQL to work right

I have three projects (names changed to protect the innocent):

  • prod-host (main host project)
  • prod-sql (contains the cloudSQL instance)
  • prod-svc (service project)

I was able to set up the Shared VPC with no problem. The prod-host project is the host; the other two are attached service projects. All the networking seems to be correct.

I want to create a Cloud Function in the prod-svc project that connects to the cloudSQL database in the prod-sql project. And I want to do this using a VPC Connector.

I created the VPC Connector in the prod-svc project successfully, but when I tried to connect to the database with the connection name, I got an error that could not be resolved. Then I read that to connect to the database, the VPC connector must be from the prod-sql project. I tried that but couldn't seem to get the connector to show up in the network connection list when creating the cloud function. I also created a VPC Connector in the host project, which didn't work either. The documentation seems a bit muddled with regard to setting this up.

If you have advice on where the VPC Connector should be set up and the needed IAM permissions to make it appear in the Cloud Function Network Connection list, I would greatly appreciate it.

Thanks.

There are 1 best solutions below

I was able to figure it out after a good night's sleep. A few things had to happen.

First, I created a VPC Connector on the host project.

Second, I had to create the right permissions on the host project for the prod-svc project. Here are the permissions on the host project:

  • [email protected] needed Serverless VPC Access User
  • service-prod-svc@gcp-sa-vpcaccess.iam.gserviceaccount.com needed Compute Network User, Serverless VPC Access Admin, Serverless VPC Access Service Agent

Third, on the service project, I made sure my Cloud Function was using the VPC Connector I created on prod-host, and I used the private IP address for the CloudSQL instance. I also added the same permissions to the prod-sql project that I did for the prod-host project, just to be safe.
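
One way to check the host project for the role bindings listed in the answer above, as an added example that is not part of the original answer. It reads a policy in the shape returned by `gcloud projects get-iam-policy PROJECT --format=json`; the member names, the sample policy and the choice to ignore conditional bindings are assumptions made for illustration.

```python
# Roles named in the answer, mapped to their IAM role IDs.
ROLE_IDS = {
    "Serverless VPC Access User": "roles/vpcaccess.user",
    "Compute Network User": "roles/compute.networkUser",
    "Serverless VPC Access Admin": "roles/vpcaccess.admin",
    "Serverless VPC Access Service Agent": "roles/vpcaccess.serviceAgent",
}

# Constructed placeholders: the page elides the first account, and the
# project identifier in the second one is not a real value.
FUNCTION_SA = "serviceAccount:FUNCTION_ACCOUNT_PLACEHOLDER"
VPCACCESS_SA = ("serviceAccount:service-SVC_PROJECT_PLACEHOLDER"
                "@gcp-sa-vpcaccess.iam.gserviceaccount.com")

REQUIRED = {
    FUNCTION_SA: ["Serverless VPC Access User"],
    VPCACCESS_SA: ["Compute Network User", "Serverless VPC Access Admin",
                   "Serverless VPC Access Service Agent"],
}

# Constructed sample policy for the host project (not real output).
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/vpcaccess.user", "members": [FUNCTION_SA]},
    {"role": "roles/compute.networkUser", "members": [VPCACCESS_SA]},
    {"role": "roles/vpcaccess.serviceAgent", "members": [VPCACCESS_SA],
     "condition": {"title": "temporary", "expression": "request.time < timestamp('2020-01-01T00:00:00Z')"}},
]}


def missing_bindings(policy, required):
    """Return sorted (member, role title) pairs the policy does not grant.

    Conditional bindings are skipped (an assumption of this example): the
    condition may not hold when the connector is actually used.
    """
    granted = set()
    for binding in policy.get("bindings", []):
        if "condition" in binding:
            continue
        for member in binding.get("members", []):
            granted.add((member, binding["role"]))
    return sorted(
        (member, title)
        for member, titles in required.items()
        for title in titles
        if (member, ROLE_IDS[title]) not in granted
    )


if __name__ == "__main__":
    for member, title in missing_bindings(SAMPLE_POLICY, REQUIRED):
        print(f"missing on host project: {member} -> {title}")
```

Running the same check against the policy of each project shows which of the grants described above are actually in place before testing the function.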