Kubernetes external db access | DB access in production

Hello everyone!

I’m working with an external agency who are managing and setting up the environments for software we’re building for a customer. The agency is commissioned by our customer so we don’t have a direct relationship.

Aim is to slowly bring our application / service to production. It’s hosted on kubernetes in a private virtual cloud and dbs are accessible from the pods only as they have only a private IP. To get to the point: How do you guys manage such setups? For me it’s crucial in my development and supporting workflow to sometimes have direct access to the dbs. The infrastructure agency are telling us no human access at all to the dbs is desired – but I highly doubt others are doing the same since you lose so much visibility about what’s going on (even diagnosing issues, …). Is this a guideline some of you are following?

I get the security aspect to it – but there are safe ways provided also by Google while still maintaining external (outside of the cluster itself) access to the dbs.