Using core Virtual Private Cloud (VPC) functionality
-
Using VPC networks
Create networks and subnets, and modify existing ones.
-
Using firewall rules
Create and modify firewall rules. View firewall rule examples.
-
Using routes
Create, modify, and work with network routes.
-
Adding and removing network tags
Add and remove instance tags used by firewall rules and routes.
-
Using legacy networks
Create and use legacy (non-VPC) networks.
VPC network sharing and peering
-
Provisioning Shared VPC
Set up a Shared VPC host project, assign service projects, and set up permissions for sharing a network with other projects.
-
Deprovisioning Shared VPC
Disassociate Shared VPC service projects from a host project. Disable a project as a host project.
-
Using VPC Network Peering
Configure two networks as peers or disconnect existing peers.
Configuring VM IP addresses and interfaces
-
Reserving static internal IP addresses
Reserve a static internal IP address. Assign a particular internal IP address to a Google Cloud resource. (Docs are hosted in the Compute Engine documentation.)
-
Reserving static external IP addresses
Reserve a static external IP address. Assign a particular external IP address to a Google Cloud resource. (Docs are hosted in the Compute Engine documentation.)
-
Configuring alias IP ranges
Assign a range of IP addresses to a Compute Engine virtual machine (VM) instance for use by containers or other services running on the VM.
-
Creating instances with multiple network interfaces
Configure a Compute Engine VM instance with more than one network interface so that it can be used as a virtual appliance that links VPC networks.
Packet Mirroring
Logging and monitoring
-
Using VPC Flow Logs
View traffic flow logs and metrics.
-
Using Firewall Rules Logging
See which firewall rules affected your traffic.
-
Viewing VPC audit logs
View audit logs for VPC resources.
-
Using Serverless VPC Access audit logging
View the audit logs created by Serverless VPC Access as part of Cloud Audit Logs.
Special configurations
-
Configuring Private Google Access
Allow VM instances in your VPC network subnet to reach Google APIs even if the VMs don't have external IP addresses.
-
Configuring Private Google Access for on-premises hosts
Enable your on-premises hosts to reach Google APIs and services through a Cloud VPN tunnel or Cloud Interconnect connection. Hosts don't need an external IP address.
-
Configuring private services access
Establish a private connection to services made available to your VPC network on internal IP addresses.
-
Configuring Serverless VPC Access
Connect from the App Engine standard environment and Cloud Functions directly to your VPC network.
-
Configuring VMs for networking use cases
Set up a Compute Engine VM instance as a Cloud NAT or Cloud VPN gateway. Configure reusable static internal IP addresses.