Private VM in GCP
Also read - Private Subnets in GCP and Azure Private Links versus Private Endpoints
Overview
The default setting for a VM instance is to have an ephemeral external IP address ( This behavior can be changed with a policy constraint at the organization or project level).
How do you ensure that a VM is a) In a Private Subnet and b) Does not have an external IP Address?
Once you have a private subnet (see post linked above), you can ensure that the NICs on your VMs are all private as shown below.
Ensure the VM is private (Network Interfaces, External IP)
- Click Management -> security -> disks -> networking -> sole tenancy.
- Click Networking
- For Network interfaces, click the pencil icon to edit.
- Specify the following, and leave the remaining settings as their defaults:
Property Value (type value or select option as specified) Network privatenet Subnetwork privatenet-us External IP None
Need an experienced Cloud Security Expert?
Anuj has successfully delivered over a dozen deployments on each of the public clouds (AWS/GCP/Azure) including several DevSecOps engagements. Set up a time with Anuj Varma.
Leave a Reply