×


Cloud SQL Proxy error – An attempt was made to access a socket

Are you trying to resolve Cloud SQL Proxy error? 

We can help you.


The Cloud SQL Auth proxy automatically encrypts traffic to and from the database using TLS 1.2 with a 128-bit AES cipher; SSL certificates are used to verify client and server identities.

Recently, one of our customers came across this error while trying to use Cloud SQL Proxy to configure access to Google Cloud SQL in Windows using the command:

cloud_sql_proxy.exe -dir=/cloudsql -instances=my-project:us-central1:sql-instance=tcp:3306 mysql -u –host

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related Google Cloud queries.


Working with Cloud SQL Proxy error

Accessing your Cloud SQL instance using the Cloud SQL proxy offers the following advantages:

1. Secure connections: The Cloud SQL proxy automatically encrypts traffic to and from the database using TLS 1.2 with a 128-bit AES cipher; SSL certificates are used to verify client and server identities.

2. Easier connection management: The Cloud SQL proxy handles authentication with Cloud SQL, removing the need to provide static IP addresses.


Cloud SQL Proxy error looks like this:

listen tcp 127.0.0.1:3306: bind: An attempt was made to access a socket in a way forbidden by its access permissions.


The main causes of Cloud SQL Proxy error:

1. The SQL Server engages the 3306 port locally. Therefore, we cannot bind to it while it is running.

2. Another process might use Port 3306.


How to fix Cloud SQL Proxy error ?

To solve this issue, follow the steps given below.


1. Initially, we stop the SQL Server to bind the CloudSQL Proxy to it.

In case we have Windows 10, we go to Task Manager -> Services -> MySQL57. 

We have to right-click and stop the task.

Once done, we try and run the same command again.

Successful output will be as follows:

Listening on 127.0.0.1:3306 for <instance-name>

The same procedure is applicable to the postgresql process also.


2. Specify a different port, in case another process uses 3306.

For instance:

-instances=my-project:us-central1:sql-instance=tcp:3307


3. On Windows cmd or Google SDK shell, we use the below command:

cloud_sql_proxy.cmd -instances=<INSTANCE_CONNECTION_NAME>=tcp:3306 -credential_file=<PATH_TO_KEY_FILE>

Make sure to declare cloud_sql_proxy.cmd as environment variable, where:

i. INSTANCE_CONNECTION_NAME = my-project:us-central1:sql-instance

ii. PATH_TO_KEY_FILE = create a service account in IAM panel and save the json file copy its path and paste it here.


If this does not work, we try connecting to TCP 3307.


[Failed with the Cloud SQL Proxy error resolution? We'd be happy to further assist you. ]


Conclusion

This article covers methods to resolve Cloud SQL Proxy error. 

The Cloud SQL Proxy error looks like this:

An attempt was made to access a socket in a way forbidden by its access permissions


Therefore you cannot bind to it while it's running:

The SQL Server engages the 3306 port locally. 

1. Stop the SQL Server to bind the CloudSQL Proxy to it.

2. Incase of Windows 10: Go to Task Manager -> Services -> MySQL57

3. Right click and stop that task. 

4. Once you have done that try running the same command again. 

It'll work and show as output:

Listening on 127.0.0.1:3306 for <instance-name>


Requirements for using the Cloud SQL Auth proxy.

To use the Cloud SQL Auth proxy, you must meet the following requirements:

1. The Cloud SQL Admin API must be enabled.

2. You must provide the Cloud SQL Auth proxy with Google Cloud authentication credentials.

3. You must provide the Cloud SQL Auth proxy with a valid database user account and password.

4. The instance must either have a public IPv4 address, or be configured to use private IP.

The public IP address does not need to be accessible to any external address (it does not need to be added as an authorized network address).