Google Cloud SQL (SQL Server)
Create a connection between Faraday and Google Cloud SQL (SQL Server) so that your data is always up to date to make predictions, and your predictions can seamlessly sync back to your database.
In this tutorial, we'll show you how to:
- Connect your Google Cloud SQL (SQL Server) account to Faraday using a connection.
Let's dive in.
- You'll need a Faraday account — signup is free!
Prerequisites
You'll need the following details to create your connection to Google Cloud SQL (SQL Server):
- Instance connection name requiredtextFor use with Cloud SQL proxy. Client must enable Cloud SQL Admin API and give IAM role "Cloud SQL Client" to our service account faraday-incoming@production-237317.iam.gserviceaccount.com (Datasets) or faraday-outgoing@production-237317.iam.gserviceaccount.com (Targets).
- Load balancer DNS name optionaltextIn case the host is deployed behind a load balancer.
- SSH bastion optionaltextIn case the host is deployed behind an SSH bastion / jump server. Uses the Faraday SSH public key. This is the address of the bastion including username. For example, faraday@mybastion.example.com
- User requiredtext
- Password requiredtext
- Database requiredtext
- Schema optionaltext
Granting access
First, you'll need Faraday access to your Google Cloud SQL (SQL Server) account.
Google Cloud SQL is a hosted database service. Connectivity is shared with a GCP IAM user while database access is shared with a user and password.
Which IAM account (or both) depends on use of Targets and/or Datasets:
- Datasets:
faraday-incoming@production-237317.iam.gserviceaccount.com
- Targets:
faraday-outgoing@production-237317.iam.gserviceaccount.com
- Give service account Cloud SQL client permission on Project Microsoft SQL Server connections are host-based and require a user and password. We suggest that you create a Faraday-only database to both send and receive data. Within this database, Faraday would have full read and write access. Alternatively, you can give Faraday access to certain tables in a shared database.
This connection type can be placed behind an SSH bastion (aka jump server). In that case, specify the user and host of the SSH bastion.
This connection type can also be placed behind a load balancer. In that case, specify the host of the load balancer. Faraday suggests that you use an unguessable string somewhere in the path to your data. This avoids what is called the Confused deputy problem
For example, instead of naming an S3 bucket s3://faraday-acme/
,
name it s3://faraday-acme-pwiiprz162ez
. This guarantees that
malicious actors cannot guess the name and request that Faraday import data
from it into their account. The same logic applies to any path that is used to
locate data.
Connecting
Use a POST /connections
request:
curl https://api.faraday.ai/connections --json '{ "name": "Google Cloud SQL (SQL Server)", "options": { "type": "gcp-cloud-sql-sql-server", "instance_connection_name": "...", "user": "...", "password": "...", "database": "..." } }'
- Wait briefly while Faraday establishes your connection. It shouldn't take long.
Your new connection is now ready to use.