Private Google Access allows GCP instances with only private IP addresses to access the public IP addresses for Google APIs and services, subject to firewall rules in your network.
Private Google Access and VPC subnets
Private Google Access provides a route to Google APIs and services from instances having only internal, private RFC 1918 addresses. It is enabled on a subnet by subnet basis.
- See Configuring Private Google Access for VPC for configuration instructions for instances attached to a GCP VPC network.