Creating a private IP instance

This page describes how to create a Cloud Data Fusion instance with a private IP address. Creating a private IP instance provides the following features and benefits:

  • Connections to the Cloud Data Fusion instance are established over a private VPC network in your Google Cloud project. Traffic over this network does not go through the public internet.

  • The instance can connect to your on-premises resources, such as relational databases, when you connect your on-premises network to the Google Cloud private VPC network using Cloud VPN or Cloud Interconnect. You can then securely access those on-premises resources over the private network without opening up access to Google Cloud.

VPC peering with Cloud Data Fusion

Cloud Data Fusion uses VPC Network Peering to establish network connectivity to your VPC network. This allows Cloud Data Fusion to access resources on your network through private IP addresses.

This section shows you how to create a peering configuration between your network and the Cloud Data Fusion tenant project network.

Get your Cloud Data Fusion project ID and VPC network name

When you create a VPC peering connection, you'll need your Cloud Data Fusion project ID and VPC network name, which you can get from the Cloud Data Fusion Instance Details page. Take note of these values for use later on in this guide.

  1. Go to the Cloud Data Fusion Instances page in the Cloud Console.

    Go to the Instances page

  2. Click the instance name of your private IP instance.

  3. In the Instance details page, get your Project ID and VPC network name. Take note of these values.

    1. Project ID - This is the portion of the service account that is between the @ and .iam.
    2. VPC network name - This is composed of the region, followed by a dash -, followed by the Cloud Data Fusion instance name. For example:
      In this example, the Project ID is r35f61489d3747a5d-tp and the VPC network name is us-central1-privatefoo2.

Create a VPC peering connection

  1. Go to the VPC web UI in the Cloud Console.

    Go to the VPC Network Peering UI

  2. Click Create connection.

  3. Click Continue.

  4. Fill in the Create peering connection form.


    1. In the Name field, enter a name for your VPC Network Peering connection.
    2. Under Your VPC network, select the same network you selected when you created your Cloud Data Fusion instance.
    3. Under Peered VPC network, select In another project.
    4. In the Project ID field, enter the project ID you noted in the section above.
    5. In the VPC network name field, enter the VPC network name you noted in the section above.
    6. Under Exchange custom routes, select Import custom routes and Export custom routes.
    7. Click Create.
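
The same peering can be expressed as a `gcloud compute networks peerings create` command. The script below is an added example, not part of the original page: it derives the tenant project ID and VPC network name by the rules given above, rejects malformed values before they reach a peering that exchanges custom routes, and prints the command without running it. The service account local part (`sa-name`), its domain suffix, the peering name (`cdf-peering`) and your network name (`my-vpc`) are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original page). Sample inputs are constructed.

# Tenant project ID: the part of the service account between "@" and ".iam."
tenant_project_id() {
  case "$1" in
    *@*.iam.*) ;;
    *) echo "unexpected service account format: $1" >&2; return 1 ;;
  esac
  _id=${1#*@}            # strip through the first "@"
  _id=${_id%%.iam.*}     # strip ".iam." and everything after it
  case "$_id" in
    ''|*[!a-z0-9-]*) echo "invalid project ID: $_id" >&2; return 1 ;;
  esac
  printf '%s\n' "$_id"
}

# Tenant VPC network name: <region>-<instance name>
tenant_network_name() {
  case "$1$2" in
    *[!a-z0-9-]*) echo "invalid region or instance name" >&2; return 1 ;;
  esac
  [ -n "$1" ] && [ -n "$2" ] || { echo "region and instance name required" >&2; return 1; }
  printf '%s-%s\n' "$1" "$2"
}

# Print (do not run) the peering command matching the console form.
# Args: peering-name your-network service-account region instance-name
peering_command() {
  _proj=$(tenant_project_id "$3") || return 1
  _net=$(tenant_network_name "$4" "$5") || return 1
  printf 'gcloud compute networks peerings create %s \\\n' "$1"
  printf '  --network=%s --peer-project=%s --peer-network=%s \\\n' "$2" "$_proj" "$_net"
  printf '  --import-custom-routes --export-custom-routes\n'
}

# Constructed sample: service account local part, peering and network names
# are placeholders; project ID, region and instance come from the page.
peering_command cdf-peering my-vpc \
  'sa-name@r35f61489d3747a5d-tp.iam.gserviceaccount.com' us-central1 privatefoo2
```

Review the printed command against the Instance details page before running it, since the peer project and network determine which routes are imported into your VPC.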

Create the instance

  1. Go to the Create Data Fusion instance page in the Cloud Console.

    Open the Create instance page

  2. At the bottom of the page, click Advanced Options.
  3. Check Enable Private IP. Cloud Data Fusion creates a google-managed-services-default VPC private service connection with an IP address range defined by a CIDR prefix of /22.
  4. Click Create to create the private IP instance.
