Enabling private IP for the Cloud SQL instance is the recommended solution for connecting Compute Engine instances to a Cloud SQL instance without the need to whitelist IPs. This approach allows the Compute Engine instances to communicate with the Cloud SQL instance through Google's internal network, making it more secure and efficient.
When you enable a private IP for Cloud SQL, it creates a Virtual Private Cloud (VPC) network and provides a private endpoint that your Compute Engine instances can use. This helps avoid public IP exposure, reducing potential security risks associated with internet-facing services. Moreover, since the traffic is routed within Google's infrastructure, it generally offers lower latency and better network performance than routing traffic through public IP addresses.
In contrast, options like whitelisting a project for Cloud SQL access or creating a VPN might involve extra configurations and would not eliminate the need for specifying IP addresses or managing additional security protocols. Similarly, creating a role in Cloud SQL for external instances does not directly address the connectivity issue without IP whitelisting. Thus, utilizing a private IP for the Cloud SQL instance is both a secure and efficient solution for enabling seamless communication with Compute Engine instances.