I am currently stuck on a network architecture issue on Google Cloud Platform.

Let me explain:

I have a project A with different Google Cloud Run services which are all restricted with an internal ingress (without authorization from an external load balancer). All project A services have an internal load balancer with an IP address from the default network. Another project B is set up in exactly the same way, and I would like to reach project A's service AND project B's service from project B.

I set up a Shared VPC with a specific subnet created in project A and shared with project B. From what I know, I have to set up a Serverless VPC connector in the project B service to reach any internal addresses. So, from project B, if I use a Serverless VPC connector which uses its own default network, I can't reach project A services (time out) but I can reach its own. Otherwise, if I use a project A Serverless VPC connector, I can reach project A services but not its own (time out).

This whole situation makes sense, but is it possible to create (with VPC Network Peering?) a special VPC connector which uses only the shared subnet to route only internal addresses from project A and uses the other subnets from project B to route its own services?

lachauj

1 Answer

I finally found the right way to do this with Private Service Connect. Just need to publish a service in the project A and connect an endpoint in the project B. All this without any Shared VPC configuration or anything else.

lachauj
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jan 30 '23 at 01:59
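As an added illustration of the answer above (example configuration written for this page, not the poster's own), here is the Private Service Connect setup in Terraform: project A publishes its internal load balancer as a service attachment, and project B creates an endpoint in its own VPC that forwards to it. All project IDs, resource names, the region and the NAT CIDR are assumed placeholders; the existing internal load balancer forwarding rule in project A is referenced by an assumed name.

```hcl
# Added example, not from the original post. Every project id, name, region
# and CIDR below is a hypothetical placeholder.

# ---- Producer side: project A publishes its internal load balancer ----

# Subnet reserved for PSC NAT. Consumer traffic arriving at the service
# attachment is source-NATed to addresses from this range, so project A's
# firewall rules only ever see these addresses, never project B's.
resource "google_compute_subnetwork" "psc_nat_a" {
  project       = "project-a"          # assumed producer project id
  name          = "psc-nat-subnet"
  region        = "europe-west1"       # assumed; must match the ILB region
  network       = "default"
  ip_cidr_range = "10.100.0.0/24"      # constructed, unused range
  purpose       = "PRIVATE_SERVICE_CONNECT"
}

# The internal load balancer already sitting in front of the Cloud Run
# service with internal ingress (assumed name of its forwarding rule).
data "google_compute_forwarding_rule" "ilb_a" {
  project = "project-a"
  name    = "cloud-run-ilb-fwd-rule"
  region  = "europe-west1"
}

resource "google_compute_service_attachment" "cloud_run_a" {
  project               = "project-a"
  name                  = "cloud-run-a-attachment"
  region                = "europe-west1"
  # ACCEPT_MANUAL: only projects in the accept list may connect an endpoint,
  # which keeps the published service private to the intended consumer.
  connection_preference = "ACCEPT_MANUAL"
  nat_subnets           = [google_compute_subnetwork.psc_nat_a.id]
  target_service        = data.google_compute_forwarding_rule.ilb_a.id
  enable_proxy_protocol = false

  consumer_accept_lists {
    project_id_or_num = "project-b"    # assumed consumer project id
    connection_limit  = 5
  }
}

# ---- Consumer side: project B connects an endpoint in its own VPC ----

# Internal address in project B's own subnet; no Shared VPC involved.
resource "google_compute_address" "psc_endpoint_ip" {
  project      = "project-b"
  name         = "psc-endpoint-a-ip"
  region       = "europe-west1"
  subnetwork   = "default"
  address_type = "INTERNAL"
}

# The PSC endpoint: a forwarding rule whose target is the service attachment.
# load_balancing_scheme must be the empty string for a PSC endpoint.
resource "google_compute_forwarding_rule" "psc_endpoint" {
  project               = "project-b"
  name                  = "psc-endpoint-to-project-a"
  region                = "europe-west1"
  load_balancing_scheme = ""
  target                = google_compute_service_attachment.cloud_run_a.id
  network               = "default"
  ip_address            = google_compute_address.psc_endpoint_ip.id
}

# The address project B's Cloud Run service calls to reach project A's service.
output "project_a_service_endpoint_ip" {
  value = google_compute_address.psc_endpoint_ip.address
}
```

Because the endpoint address lives in project B's own network, a Serverless VPC connector attached to project B's default network reaches both project B's own internal load balancers and, via the endpoint, project A's service, which is exactly the split the question asked for. The `ACCEPT_MANUAL` preference plus the accept list is the control that decides which projects are allowed to connect to the published service; with `ACCEPT_AUTOMATIC` any project in the organisation that knows the attachment URI could attach an endpoint.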