Connecting to an AlloyDB Cluster
Step-by-step instructions for connecting an AlloyDB cluster to Tellius
This guide provides step-by-step instructions for connecting an AlloyDB cluster to Tellius. It explains how to set up the AlloyDB Auth Proxy on your client host, prepare IAM credentials, and configure the connection within Tellius.
Prerequisites
- Ensure that you have an existing AlloyDB cluster. 
- Before you begin, make sure that the client host meets the following requirements: 
- It must have network visibility to the VPC network where the instances you want to connect reside. 
- If the client host has an outbound firewall policy, it must allow outgoing connections to port 5433 on your AlloyDB instances' IP addresses and allow outgoing connections to port 443 (the standard HTTPS port) to all IP addresses. 
- If you are using a Compute Engine instance as the client host, it must have the https://www.googleapis.com/auth/cloud-platform access scope to use the AlloyDB API. 
Steps to connect to AlloyDB cluster
Download the AlloyDB Auth Proxy client
Download the AlloyDB Auth Proxy client to your client host and make it executable on your system.
Choose the IAM Principal and prepare it for authorization
The AlloyDB Auth Proxy supports the use of user-managed service accounts, your user account, or the Compute Engine default service account to authorize connections between your client and an AlloyDB instance. Ensure the selected IAM principal has the necessary permissions, and make its credentials available on your client host.
Gather connection URIs for the AlloyDB instances
When you start the Auth Proxy client, identify the AlloyDB instance or instances you want to connect to using their connection URIs.
Start the Auth Proxy Client
Start the Auth Proxy client on your client host with necessary arguments and flags to provide information about the AlloyDB instances to connect to and, if necessary, credential information to use when authorizing these connections. The Auth Proxy client should now be ready to authorize connections to AlloyDB instances and listen for local client connection requests.
Connect Tellius to AlloyDB using the AlloyDB Auth Proxy
Once the Auth Proxy client is running and listening for connections, you can now connect Tellius to the AlloyDB instance:
- In the Tellius platform, navigate to Data → Connect → Create New → AlloyDB. 

- For the Hostname field, use the local IP address where the Auth Proxy client is listening. 
- Provide the appropriate port number (5432 by default) in the Port field. 
- Paste the name of the desired database in the Database field. 
- Paste the name of the required user in the User field. 
- Provide the required password in the Password field. 
- Click on Save and Browse Host (or Browse Host if you are using an already established connection). 
- The list of tables from the data source will be displayed on the right side. 

You have now established a connection from Tellius to your AlloyDB cluster using the AlloyDB Auth Proxy.
Was this helpful?
