Virtual Private Cloud
Manage Networking For Your Resources
With Google Cloud Platform (GCP) VPC, you can provision your GCP resources, connect them to each other, and isolate them from one another in a Virtual Private Cloud (VPC). You can also define fine-grained networking policies within GCP, and between GCP and on-premises or other public clouds. VPC is a comprehensive set of Google-managed networking capabilities, including granular IP address range selection, routes, firewalls, Virtual Private Network (VPN), and Cloud Router.
VPC offers automatic setup of your virtual topology, with suggested prefix ranges and network policies, so that you can get off the ground with your services fast. As your services become more complex, you may need more control. You can seamlessly customize your VPC’s size and connectivity rules so that it adapts to your needs.
Designed for Security
Leverage stateful firewalls to secure your VPC network, and individual services. Use VPN for secure private hybrid cloud scenarios. Control who can configure connectivity and security rules with IAM policies. Privately access Google's storage, big data, and analytics managed services. Additionally, VPC leverages the security of Google’s data centers.
Flexible Geographical Scope
Whether your services are scoped globally worldwide or regionally, VPC can meet your needs. VPC offers the flexibility to adapt your VPC network domain to the needs of your services, contained within or across several regions.
With a distributed software architecture, your VPC network is fully virtualized and highly scalable. You can grow your services without capacity planning constraints or considerations.
Share a VPC Network
With Shared VPC, you share a common VPC network across multiple GCP projects to operate services with its own quotas and billing.
Managed networking functionality for your Cloud Platform resources
Create a VPC network in auto mode (subnet IP ranges auto-allocated) or custom mode (configure your own subnet IP ranges). Custom mode VPC networks can expand their CIDR ranges, and can move from one availability zone to another (e.g. from A to B) within a region (e.g. us-west1), without any impact to configured VMs.
Enable dynamic Border Gateway Protocol (BGP) route updates between your VPC network and your non-Google network with our virtual router.
Securely connect your existing network to VPC network over IPsec.
Configure a VPC Network to be shared across several projects in your organization. Connectivity routes and firewalls associated are managed centrally. Your developers have their own projects with separate billing and quota, while they simply connect to a shared private network, where they can communicate.
Segment your networks with a global distributed firewall to restrict access to instances.
Forward traffic from one instance to another instance within the same network, even across subnets, without requiring external IP addresses.