Virtual Private Cloud (VPC)
Managed networking functionality for your Google Cloud resources.
-
Provide flexibility to scale and control how workloads connect regionally and globally
-
Access VPCs without needing to replicate connectivity or administrative policies in each region
-
Bring your own IP addresses to Google’s network infrastructure across all regions
Benefits
Global
A single VPC can span multiple regions without communicating across the public internet. For on-premises, you can share a connection between VPC and on-premises resources with all regions in a single VPC.
Shareable
With a single VPC for an entire organization, teams can be isolated within projects, with separate billing and quotas, yet still maintain a shared private IP space and access to commonly used services.
Expandable
Google Cloud VPCs let you increase the IP space of any subnets without any workload shutdown or downtime. This gives you flexibility and growth options to meet your needs.
Key features
Key features
VPC network
VPC can automatically set up your virtual topology, configuring prefix ranges for your subnets and network policies, or you can configure your own. You can also expand CIDR ranges without downtime.
Packet mirroring
Troubleshoot your existing VPCs by collecting and inspecting network traffic at scale, providing intrusion detection, application performance monitoring, and compliance controls.
VPN
Securely connect your existing network to VPC network over IPsec.
Customers
Learn from customers using Virtual Private Cloud
What's new
What's new
Sign up for Google Cloud newsletters to receive product updates, event information, special offers, and more.
Documentation
Documentation
Using VPC
Virtual Private Cloud documentation, how-to-guides, and support.
Creating a virtual private network (VPN)
How-to-guides, tutorials, and other support to create a VPN.
Using Cloud Router
Documentation and resources for Cloud Router.
Extend your on-premises network to Google with Interconnect
Learn how to use Dedicated Interconnect to connect directly to Google or use Partner Interconnect to connect to Google through a supported service provider.
Qwiklab: Networking in Google Cloud
A two-day class giving participants a broad study of networking options on Google Cloud in addition to common network design patterns and automated deployment.
All features
All features
| VPC network | VPC can automatically set up your virtual topology, configuring prefix ranges for your subnets and network policies, or you can configure your own. You can also expand CIDR ranges without downtime. |
| Packet mirroring | Troubleshoot your existing VPCs by collecting and inspecting network traffic at scale, providing intrusion detection, application performance monitoring, and compliance controls. |
| VPN | Securely connect your existing network to VPC network over IPsec. |
| Firewall | Segment your networks with a global distributed firewall to restrict access to instances. Firewall Rules Logging lets you audit, verify, and analyze the effects of your firewall rules. |
| VPC peering | Configure private communication across the same or different organizations without bandwidth bottlenecks or single points of failure. |
| Shared VPC | Configure a VPC network to be shared across several projects in your organization. Connectivity routes and firewalls associated are managed centrally. Your developers have their own projects with separate billing and quota, while they simply connect to a shared private network, where they can communicate. |
| Routes | Forward traffic from one instance to another instance within the same network, even across subnets, without requiring external IP addresses. |
| VPC flow logs | Flow logs capture information about the IP traffic going to and from network interfaces on Compute Engine. VPC flow logs help with network monitoring, forensics, real-time security analysis, and expense optimization. Google Cloud flow logs are updated every five seconds, providing immediate visibility. |
| Simple and complex architectures | Host globally distributed multi-tier applications by creating a VPC with subnets. Connect Google Cloud or externally hosted databases to Google’s machine learning services by creating a VPC with subnets and VPN access. |
| Disaster recovery | With application replication, create backup Google Cloud compute capacity, then revert back once the incident is over. |
| Private access | Get private access to Google services, such as storage, big data, analytics, or machine learning, without having to give your service a public IP address. Configure your application’s front end to receive internet requests and shield your backend services from public endpoints, all while being able to access Google Cloud services. |
| Bring your own IPs | Bring your own IP addresses to Google’s network across all regions to minimize downtime during migration and reduce your networking infrastructure cost. After you bring your own IPs, Google Cloud will advertise them globally to all peers. Your prefixes can be broken into blocks as small as 16 addresses (/28), creating more flexibility with your resources. |
Pricing
Pricing
VPC offers compelling price/performance pricing.
Learn more.
| Ingress and egress: Traffic type | Price |
|---|---|
| Ingress | No charge |
| Egress to the same zone* | No charge |
| Egress to a different Google Cloud service within the same region | No charge |
| Egress to Google products (such as YouTube, Maps, Drive)** | No charge |
| Egress between zones in the same region, or regions within the US | $0.01/GB |
| Intercontinental egress traffic—from Japan*** |
0–1 TB: $0.14–$0.23/GB 1–10 TB: $0.14–$0.22/GB 10+ TB: $0.12–$0.20/GB |
| Intercontinental egress traffic—from other regions*** |
0–1 TB: $0.12–$0.23/GB 1–10 TB: $0.11–$0.22/GB 10+ TB: $0.08–$0.20/GB |
*No charge for egress through network IP addresses; there are charges for egress through external IP addresses, even if in the same zone
**Promotional pricing
***See Internet Egress traffic rates
| External IP address | Price/Hour (USD) |
|---|---|
| Static IP address (assigned but unused) | $0.010 |
| Static and ephemeral IP addresses in use on standard VM instances | $0.004* |
| Static and ephemeral IP addresses in use on preemptible VM instances | $0.002* |
| Static and ephemeral IP addresses attached to forwarding rules | No charge |
*Charges between January 1st, 2020 and June 30th, 2020 are waived
If you pay in a currency other than USD, the prices listed in your currency on Google Cloud SKUs apply.
Partners
Packet Mirroring partners
