Integrate Google Cloud for MySQL with Databox

Availability

Users, Editors, and Admins

All accounts

Google Cloud SQL is a fully managed relational database service from Google Cloud that handles provisioning, maintenance, and scaling of MySQL databases without requiring you to manage the underlying infrastructure. It supports MySQL 5.7 and 8.0 and is commonly used to power web applications, internal tools, and analytics pipelines hosted on Google Cloud. Connecting Google Cloud for MySQL to Databox lets you pull data directly from your managed database, build datasets using SQL queries, and visualize business-critical figures alongside data from your other connected tools.

Connection

If you've already established a connection, you can reuse it to add new data sources to your Databox account.

Step 1: Create a read-only MySQL user for Databox

Databox only reads data from your database — it never writes to it. Create a dedicated MySQL user with SELECT-only privileges scoped to the Databox IP address. You can run these commands using the Cloud SQL Studio query editor in the Google Cloud Console, or via a MySQL client connected to your instance.

MySQL 8.0+ (modern syntax):

CREATE USER 'databox'@'52.4.198.118' IDENTIFIED BY 'your_secure_password';
GRANT SELECT ON your_database.* TO 'databox'@'52.4.198.118';
FLUSH PRIVILEGES;

MySQL 5.7 (legacy single-statement syntax):

GRANT SELECT ON your_database.* TO 'databox'@'52.4.198.118' IDENTIFIED BY 'your_secure_password';
FLUSH PRIVILEGES;

Replace your_database with the name of the database you want to connect, and your_secure_password with a strong password. If you need to grant access to multiple databases, repeat the GRANT statement for each one.

Note: Avoid the following special characters in your password, as they can cause encoding issues when establishing the connection: `, ', ", /, \, and spaces.

Step 2: Enable a public IP address on your Cloud SQL instance

Databox connects to Cloud MySQL over a public IP address. If your instance does not already have one assigned, enable it in the Google Cloud Console.

In the Google Cloud Console, go to SQL and select your instance.
Click Edit.
Under Connections, expand Networking and ensure Public IP is enabled.
Click Save to apply the change.

Note: Your instance's public IP address is shown on the Overview tab of the Cloud SQL instance page, under Connect to this instance. Copy this value — you will need it in Step 4.

Step 3: Add the Databox IP to your authorized networks

Cloud SQL controls inbound network access through an authorized networks list. Add the Databox IP address as an authorized network so it can reach your instance on port 3306.

In the Google Cloud Console, go to SQL and select your instance.
Click Edit.
Under Connections > Networking > Authorized networks, click Add a network.
In the Network field, enter 52.4.198.118/32.
Optionally enter a name (e.g., Databox) in the Name field.
Click Done, then click Save.

Step 4: Enter your Cloud SQL connection details in Databox

In Databox, go to Data Sources > + New connection.
Search for Google Cloud for MySQL and click Connect.
Fill in the connection form:
- Data source name — a label for this connection in Databox.
- Host — the public IP address of your Cloud SQL instance, found on the instance's Overview tab in the Google Cloud Console (e.g., 34.123.45.67).
- Port — the port your Cloud SQL instance listens on. The default for MySQL is 3306.
- User — the MySQL username created in Step 1.
- Password — the password for that user.
- Database name (optional) — the specific database to connect to. Leave blank to connect at the server level.
- Timezone — the time zone used to interpret date values in query results. Defaults to Etc/UTC.
Select an SSL/TLS mode (see SSL/TLS below).
Click Connect.

SSL/TLS

Databox offers three SSL/TLS modes when connecting to a database. Choose the one that matches your server's configuration.

Mode	Description
None	The connection is made without SSL/TLS encryption. Use this only when your server does not have SSL enabled.
Use SSL/TLS with provider CA bundle	The connection uses SSL/TLS and authenticates the server using a regional CA bundle managed by your cloud provider (for example, Amazon RDS). When you check Verify server certificate using regional CA bundle, an additional CA certificate bundle (ssl-ca) field appears, where you can paste your provider's CA certificate.
Use SSL/TLS with custom certificates	The connection uses SSL/TLS with certificates you supply directly. When Verify server certificate is checked, you must provide a CA certificate (ssl-ca). You may also supply a Client certificate (ssl-cert) and Client private key (ssl-key) for mutual TLS. If Verify server certificate is unchecked, only the client certificate and private key fields are shown.

Google Cloud SQL provides SSL/TLS certificates signed by a Google-managed server CA. To use SSL with server certificate verification, download the server CA certificate from the Connections > Security tab of your Cloud SQL instance in the Google Cloud Console, and paste its contents into the CA certificate bundle (ssl-ca) field in Databox. Client certificates can also be created and downloaded from the same tab for mutual TLS. For step-by-step instructions on configuring each SSL mode, see Enable SSL/TLS for your database connection.

Datasets

The Google Cloud SQL for MySQL integration supports the creation of datasets, which allow you to define and shape the specific data you want to use for reporting in Databox. Datasets make it easier to focus on the most relevant information, enabling you to filter, visualize, and analyze metrics across projects, teams, and clients without writing complex queries each time.

Steps to create a dataset

Select a table: Pick the appropriate schema within that database.
Select columns: Browse and select the specific columns (fields) from your tables or views to include in your dataset. These columns define the structure and content of your dataset.

Optional: Write SQL

For more advanced use cases, you can write a custom SQL query instead of selecting columns manually. This allows you to:

Join multiple tables
Apply filters and aggregations
Format or transform data before importing it into Databox

Your query must return a valid tabular result to be used as a dataset.

Additional resources

Cloud SQL for MySQL documentation — Official Google Cloud docs for Cloud SQL for MySQL, covering instance creation, connectivity, user management, security, backups, high availability, and replication.
Cloud SQL connection options — Overview of all available connection methods for Cloud SQL, including public IP, private IP, and the Cloud SQL Auth Proxy, with guidance on when to use each.

Resources

For comprehensive details on metrics, data availability, templates, specifications, usage guidelines, and other key information, refer to the resources listed below.

Technical Details

Behavior & Usage

Notes

FAQ

Does Databox support Cloud SQL Auth Proxy or private IP connections?

No. Databox connects to Cloud SQL over a public IP address only. The Cloud SQL Auth Proxy and private IP connectivity are not supported. Your instance must have a public IP address enabled and the Databox IP (52.4.198.118) must be listed in the instance's authorized networks.

What should I do if Databox cannot connect to my Cloud SQL instance?

Check the following in order:

Public IP is enabled on the instance (under Edit > Connections > Networking).
The Authorized networks list includes 52.4.198.118/32.
The MySQL user was created with 'databox'@'52.4.198.118' as the host — not '%' or 'localhost'. Run FLUSH PRIVILEGES; after any user or grant changes.