1. Home
  2. Training Library
  3. Google Cloud Platform
  4. Courses
  5. Implementing a GCP Virtual Private Cloud (VPC)

Private Google API Access

Start course
Duration1h 15m


Please note: this course has been replaced with an updated version which can be found here.


This course guides you through the key steps to configure a Google Cloud Platform virtual private cloud (VPC), which allows you to connect your GCP services with one another securely.

After a brief introduction, the course begins with how to set up and configure VPCs, including VPC peering and shared VPC. You'll learn how to configure routes, set up cloud NAT (network address translation), and configure VPC-native clusters in Kubernetes, before rounding off the course by looking at VPC firewalls. The topics in this course are accompanied by demonstrations on the platform in order to show you how these concepts apply to real-world scenarios.

If you have any feedback, questions, or queries relating to this course, please feel free to contact us at support@cloudacademy.com.

Learning Objectives

  • Configure Google Cloud Platform VPC resources
  • Configure VPC peering and API access
  • Create shared VPCs
  • Configure internal static and dynamic routing, as well as NAT
  • Configure and maintain Google Kubernetes Engine clusters
  • Configure and maintain VPC firewalls

Intended Audience

This course is intended for:

  • Individuals who want to learn more about Google Cloud networking, who may also have a background in cloud networking with other public cloud providers
  • Individuals who simply want to widen their knowledge of cloud technology in general


To get the most from this course, you should already have experience in public cloud and networking as well as an understanding of GCP architecture.


Okay, so for this next section, when we talk about private Google API access, there's three things that you're gonna have to do before you set that up.

Number one, you're gonna have to configure your route to go to the destination IP address of, with the CIDR range of 30.

After that, you'll need to set up your firewall rules to allow the traffic to get to that restricted Google API address range. And then lastly, you have to set your DNS up so that the traffic can resolve. So on this short demo here, I'm just gonna do the first part of that and show you how you can set up your route very quickly.

So I've already got the code off-screen here, and I'm gonna do it in GCloud. So we're gonna go ahead and we're gonna set up a new route called Private API. We're gonna have that network apply to the private VPC network I've set up to that destination range that I had talked about earlier, the

So what we're gonna go ahead and do is run this code to create the route. And let's go back. And you're gonna see just like that the route is created with the destination IP range, set up to

So with that being set up, the next two steps, like I said earlier, are gonna be the firewall rules and DNS. And then ultimately, the whole point of this is to be able to, whether you're hybrid network and you're sending traffic out, you could send directly to the private API address range that you see here on the screen. Or if you're using GCP and you have some external instances, you can also have them go directly to that range as well.

About the Author

Mark has many years of experience working with Google Cloud Platform and also holds eight GCP certifications.