is it safe to open a Google SQL instance for any IP address but with an SSL connection only?

advertisements

I have an application that using Google mysql database anywhere, so I opened my instance for any ip address by whitelisting the subnet in this way :0.0.0.0/0

But I also made it available for ssl connections only with certificates and now I am connecting with that way.

Is that secure enough ? And will it be possible for the hackers to hack my database ?

Thank you


If you are using the 'Only allow SSL connections.' then you should be reasonable safe. I would also recommend using the mysql passwords.

Note that the SSL verification is done by mysqld so the instance needs to spin up to check each connection that passes the IP ACL. If you use whitelist then 0.0.0.0/0 then anyone can spin up your instance. This is not an issue for the monthly plan but it will probably be if you plan to take advantage of the on-demand mode.