Today we are on a corporate network which connects to the Google Cloud VPC through IPSec configured on a FW, but soon this building will be deactivated and every collaborator will work from home. It looks like GCP does not have a service to provide individual connections to these VPCs. What is the best practice for this scenario? What have you been using?
This is not a best practice, but I configure WireGuard on a VM and WireGuard on each employee's PC. This provides encrypted connections with routing into the VPC. WireGuard is free, easy to configure, encrypted, and easy to debug problems. This also means that employees can network together using encrypted connections. I can share a folder and another employee can map the folder and copy files to/from the folder. – John Hanley May 24 '23 at 17:49
1 Answer
You can allowlist the public IP address assigned to your partner at the VPC firewall level as an Ingress Firewall rule.
Additionally, you can customize IAM roles for your partners, depending on the activities assigned.
Remember the golden rule of CyberSec: fewer surfaces to be attacked is better.
Restrict the access to specific IP addresses and customize your IAM roles.

Alejandro F.
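One way to check that ingress stays restricted to specific IP addresses, as the answer above recommends. This is an added example, not part of the original answer: the rule names, addresses and the `APPROVED` allowlist are constructed, and the rule dictionaries assume the field layout of `gcloud compute firewall-rules list --format=json`.

```python
import ipaddress

# Constructed sample, shaped like `gcloud compute firewall-rules list --format=json`.
SAMPLE_RULES = [
    {"name": "allow-home-alice", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["203.0.113.10/32"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "allow-ssh-any", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "allow-old-office", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["198.51.100.0/24", "203.0.113.10/32"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]},
    {"name": "deny-all", "direction": "INGRESS", "disabled": False,
     "sourceRanges": ["0.0.0.0/0"], "denied": [{"IPProtocol": "all"}]},
    {"name": "egress-any", "direction": "EGRESS", "disabled": False,
     "destinationRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "all"}]},
]

# Assumed allowlist of public addresses approved for remote staff (constructed).
APPROVED = ["203.0.113.10/32", "203.0.113.64/28"]


def audit_ingress(rules, approved):
    """Return {rule name: [source ranges not covered by the allowlist]}."""
    nets = [ipaddress.ip_network(a) for a in approved]
    findings = {}
    for rule in rules:
        # Only enabled ingress *allow* rules widen the exposed surface;
        # deny rules, egress rules and disabled rules are skipped.
        if (rule.get("direction") != "INGRESS" or rule.get("disabled")
                or not rule.get("allowed")):
            continue
        bad = []
        # Rules scoped only by source tags or service accounts have no
        # sourceRanges and are not evaluated here.
        for src in rule.get("sourceRanges", []):
            net = ipaddress.ip_network(src, strict=False)
            # A range is acceptable only if it sits entirely inside an approved one.
            if not any(net.version == a.version and net.subnet_of(a) for a in nets):
                bad.append(src)
        if bad:
            findings[rule["name"]] = bad
    return findings


if __name__ == "__main__":
    for name, ranges in audit_ingress(SAMPLE_RULES, APPROVED).items():
        print(f"{name}: not in allowlist -> {', '.join(ranges)}")
```

Home connections often have dynamic public addresses, so a rule that passes today can block an employee tomorrow; rerunning the audit after each allowlist change keeps stale or overly broad ranges visible.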