Private Service Connect
Creates a private and secure connection from your VPCs to Google, third parties, or your own services.
Keep traffic between your VPC and services within the Google network
Line rate performance and scales to enterprise-size networks
Use in conjunction with Service Directory for service-centric networking
Benefits
Consume services faster
Consume services faster
Easily and securely connect your private network to access services on Google (Cloud Storage, Bigtable), third parties (Snowflake, MongoDB), or services you own.
Protect your network traffic
Protect your network traffic
Prevent your network traffic from being exposed to the public internet. Data remains secure on Google’s backbone network.
Simplify service management
Simplify service management
Removes the need to configure an internet gateway or a VPC peering connection. Simplify the management of complicated cloud network architectures.
Key features
Privately connect services across different networks and organizations
Access Google APIs and services
Connect to Google Cloud services like Cloud Storage and Bigtable using Private Service Connect endpoints with internal IP addresses in your VPC networks.
Connect to a service in another VPC network
Connect to your own services or those provided by other service producers (Example: MongoDB, Snowflake) using a Private Service Connect endpoint.
Publish services as a service producer
You can publish a service (make a service available outside your VPC network) by using an internal TCP/UDP load balancer and create a service attachment in the same region.
Service Directory
Private Service Connect endpoints are registered with Service Directory where you can store, manage, and publish services.
Integration with Google Cloud's Private Service Connect and DataStax Astra DB has been effortless. As a Google partner, we had close collaboration with the product and engineering team that allowed our customers to connect DataStax Astra DB securely using PSC just as it was generally available.
Cory Schickendantz, Global Director, Cloud Ecosystems, DataStax
What's new
See the latest updates about Private Service Connect
Sign up for Google Cloud newsletters to receive product updates, event information, special offers, and more.
Documentation
Find resources and documentation for Private Service Connect
Private Service Connect overview
Get an overview of Private Service Connect and key concepts as a consumer of services and as a producer of services.
Configuring Private Service Connect to access Google APIs
Learn how to connect to service producers using endpoints in Private Service Connect.
Configuring Private Service Connect to access services
Learn how to connect to services in another VPC network.
How-to guide for service producers
Learn how to publish services for your customers to connect using Private Service Connect.
Not seeing what you’re looking for?
Use cases
Use cases
Use Private Service Connect to access Google APIs
Create private endpoints using global internal IP addresses within your VPC network. Assign DNS names to these internal IP addresses. You can control which traffic goes to which endpoint, and can demonstrate that traffic stays within Google Cloud.
Use Private Service Connect to offer services
Private Service Connect uses endpoints and service attachments to let service consumers send traffic from the consumer's VPC network to services in the service producer's VPC network.
Use HTTP(S) load balancing for service controls
Private Service Connect with consumer HTTP(S) service controls gives service consumers full control of their policies by steering traffic through a Google Cloud External HTTP(S) load balancer.
All features
Learn more about Private Service Connect features
| Access Google APIs and services | Connect to Google Cloud services, such as Cloud Storage and Bigtable, using Private Service Connect endpoints with internal IP addresses in your VPC networks. |
| Connect to a service in another VPC network | Connect to your own services or those provided by other service producers (Example: MongoDB, Snowflake) using a Private Service Connect endpoint. |
| Publish services as a service producer | You can publish a service (make a service available outside your VPC network) by using an internal TCP/UDP load balancer and create a service attachment in the same region. |
| Service Directory | Private Service Connect endpoints are registered with Service Directory for Google APIs where you can store, manage, and publish services. |
| Proxy protocol | Find your consumers' source IP addresses and Private Service Connect ID from one central proxy protocol header. |
| VPC Service Controls | Restrict Private Service Connect within a service perimeter and mitigate data exfiltration risks. VPC Service Controls service perimeters are always enforced on APIs and services that support VPC Service Controls. |
| Enable consumer http(s) service controls using a load balancer | You can create a Private Service Connect endpoint with consumer HTTP(S) service controls using an external or internal HTTP(S) load balancer, which lets you maintain consistent policies across multiple service producers. |
Pricing
Pricing
For service consumers (customers), Private Service Connect pricing is per endpoint. For producers (service owners), Private Service Connect pricing is per GB processed only.
Partners
Private Service Connect partners
Google Cloud partners can deliver multi-tenant services securely at massive scale.
Take the next step
Start building on Google Cloud with $300 in free credits and 20+ always free products.
Need help getting started?
Contact salesWork with a trusted partner
Find a partnerContinue browsing
See all products
