Railway4d ago

Connecting to a GCP CloudSQL Instance

Hi there, I am aware this pertains more to GCP but hoping to see if anyone here has some advice that is perhaps more applicable to Railway. I have a GCP CloudSQL Database that I am trying to connect to from my Railway services. My current method of Authenticating with my GCP database is to whitelist inbound IP addresses. Unfortunately, to get a static IP address from Railway I need to upgrade to the Pro plan. Now, even if I did do this, it is mentioned in the documentation that these IP addresses can change sometimes and are often shared with other customers. I am aware that utilising the 'IP whitelist' method is not the best but I am not really sure how to set up alternate methods that work with say, a NextJS app? Has anyone had similar issues and has a good guide/solution on how to connect/auth to a CloudSQL database in a non-ip-whitelist way?
3 Replies
Percy4d ago
Project ID: df44b080-c012-4e74-a491-df454ed98c26
jop4d ago
Brody4d ago
can you link to the docs that state static IPs can change? that must be outdated because that goes directly against what a static IP is. but they are shared, that part is correct. it's true that whitelisting is not the best option, but unless cloudsql provides some additional layer of authentication I'm not sure what your other options would be on that. may or may not be something you want to do, but you could deploy a database to railway within your already existing project and connect to it via the private network, that would be extremely secure, faster, and would save you on egress fees.