3

Is it possible for the Google Cloud Workflow to reach the Private VPC (perhaps via a serverless VPC connector)? I can't find anything about it in the documentation. We want to use Workflow to trigger certain things via API on the internal network (no outside access).

Worst case we'll have to proxy it through a Cloud Function

Regards, Niklas

Niklas B
  • 1,839
  • 18
  • 36

3 Answers3

4

VPC connector is one of the most demanding feature of Cloud Workflow but for now it's not implemented. There is no ETA for this feature.

For now, a proxy is required with Cloud Run/Functions and a VPC connector.

guillaume blaquiere
  • 66,369
  • 2
  • 47
  • 76
  • 3
    As PM for Workflows, I can confirm we plan to support HTTP calls to private IPs. There are several other VPC-related features coming first (such as invoking Cloud Run and Cloud Functions set to internal-only ingress, and VPC-SC). – Kris Braun Oct 05 '21 at 18:39
1

As stated in the first sentences in Workflows doc, Cloud Workflows is meant to:

link series of serverless tasks together

and it

Combine the power of Google Cloud's APIs, serverless products like Cloud Functions and Cloud Run, and calls to external APIs

So, as you proposed, the workaround is to wrap / proxy your call to your internal API, through a call to Cloud Function or Cloud Run with proper authentication / authorisation.

MBHA Phoenix
  • 2,029
  • 2
  • 11
  • 25
0

Google Cloud Workflow has an unknown IP, which is difficult to route.

So you're probably looking for Cloud NAT? This would be the console.

Martin Zeitler
  • 1
  • 19
  • 155
  • 216