Jdbc connection error from Google Apps Script

I am not sure whether this question has been resolved or not, but let me add this answer.

I also faced the same problem but I found the resolution. What I did is:

First, go to the console.

https://console.cloud.google.com

Then, open IAM. and add the account as a member and add this permission: "Cloud SQL Client".


Jdbc.getConnection works from both: my account and another account:

var conn = Jdbc.getConnection('jdbc:mysql://' + IP + ':3306/' + database_name, user, password)

I'm really confused because the recommended method did not work.

There are two ways of establishing a connection with a Google Cloud SQL database using Apps Script's JDBC service:

  • (Recommended) Connecting using Jdbc.getCloudSqlConnection(url)
  • Connecting using Jdbc.getConnection(url)

Notes:

  • IP is a Public IP address from the OVERVIEW tab in your database console: enter image description here
  • I've allowed any host when created a user: enter image description here

I think this is a permission issue in your second account. Necessary information are missing in your question. But, the secound account, if run as a another user, won't necessarily have your sqlservice authorization. The permission,

https://www.googleapis.com/auth/sqlservice

Manage the data in your Google SQL Service instances

is required to use Jdbc.getCloudSqlConnection(url), while Jdbc#getConnectionUrl() just requires external link connection permission

https://www.googleapis.com/auth/script.external_request

I believe that you can only connect to sql instances owned by you with getCloudSqlConnection() which doesn't even require external connection permission. This method probably calls your sql instance internally.

References:

  • Jdbc#getCloudConnection

  • Jdbc#getConnection

Conclusion

To connect to any external service, you need external_request permission. But, You don't need that permission to connect to your own documents say, Spreadsheets owned by you/have edit access permission - through SpreadsheetApp.openByUrl(). I believe it's the same thing with Jdbc.getCloudSqlConnection(). It calls your Google sql internally - So, even if you grant external request permission, It won't work. What will work for this method is

  1. Installable triggers (which runs as you).

  2. Add the second account also as owner in GCP-IAM (may not work though) See this answer

Tags:

Jdbc

Google Sheets

Google Apps Script

Google Cloud Sql

Recent Posts