Best practices for Cloud Interconnect

Use the following best practices when planning for and configuring Cloud Interconnect.

Working with Google Cloud projects

If your network architecture supports it, configure your Cloud Interconnect projects as recommended in this section.

Provision physical Interconnect connections in a separate project

Provision physical Interconnect connections (ports) for Cloud Interconnect in one project, but provision VLAN attachments in other projects. The other projects must be in the same Google Cloud organization as the project that contains the physical connections.

VLAN attachments that connect a physical connection to a region through a Cloud Router don't have to be in the same project as the physical connection. For more information, see Using Dedicated Interconnect connections in other projects.

This practice makes the following configuration steps easier:

  • You can associate a separate internal billing account with the project that contains the physical connections.
  • You can configure Identity and Access Management (IAM) roles and permissions in the project that contains the physical connections.
  • If you want to delete or update a resource that is not a physical connection, you can do so without affecting the physical connections.

Configure VLAN attachments in the Shared VPC host project

In a Shared VPC network, configure all VLAN attachments, not physical Interconnect connections (ports), in the host project. For more information about connecting attachments to Shared VPC networks, see Enabling multiple VPC networks to access the same VLAN attachment.

What's next