How to create a shared VPC in Google Cloud Platform (GCP)
A shared VPC is used to create a shared network between your projects and between regions and multi-regional zones in GCP. Essentially it allows you to create a flat network which all resources can access.
There are TWO major gotchas:
- Your account must have the IAM roles “Compute Shared VPC Admin” and “Organizational Admin”
- You must have the default VPC already created – to do this just view the VPC for your project and Compute Engine will automatically create the default subnet
If you don't have the roles you can find them by looking in Compute Engine >
Next go to Google Compute Engine > Shared VPC
On the Set Up Shared VPC page click save and continue
On the Select subnets page choose your sharing mode and add your pre-created subnets
Next allocate the permissions to the projects
Next press the Attach Project button and add your other projects. Make sure you check that the subnets are attached too.
It will take a few moments to process
Then your cross-project Shared VPC is created
Next test connectivity by creating a demo VM in your sub-project region. Make sure you attach it to the correct subnet at the point of creation, under “Networks shared with me”
Next test connectivity. Make sure you have enabled firewall rules for SSH and ICMP (ping)
You can see I have two VMs: one in London (Master Project), one in Finland (Guest Project)
Note different regions and different IP subnet ranges.
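The same console steps expressed as gcloud commands, added here as an example and not part of the original post. The project ids, region, subnet and service-account values are placeholders you must replace, and with DRY_RUN=1 (the default) the script only prints the plan so it can be reviewed before anything is changed.

```shell
#!/bin/sh
# Added example: gcloud equivalent of the Shared VPC console walkthrough.
# All values below are assumed placeholders, overridable from the environment.
HOST_PROJECT="${HOST_PROJECT:-my-host-project}"         # the "Master" project
SERVICE_PROJECT="${SERVICE_PROJECT:-my-guest-project}"  # the "Guest" project
REGION="${REGION:-europe-west2}"                        # London, where the shared subnet lives
SUBNET="${SUBNET:-default}"                             # the auto-created default subnet
SERVICE_SA="${SERVICE_SA:-123456789012@cloudservices.gserviceaccount.com}"  # guest project's service account
DRY_RUN="${DRY_RUN:-1}"                                 # 1 = print the command, 0 = execute it

# Prints the command when DRY_RUN=1, otherwise runs it.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Step 1: make the host project a Shared VPC host. This is the call that needs
# the "Compute Shared VPC Admin" role (roles/compute.xpnAdmin) at organization level.
enable_host() {
  run gcloud compute shared-vpc enable "$HOST_PROJECT"
}

# Step 2: attach the guest project to the host (the console's "Attach Project").
attach_service_project() {
  run gcloud compute shared-vpc associated-projects add "$SERVICE_PROJECT" \
      --host-project "$HOST_PROJECT"
}

# Step 3: share only the chosen subnet, not the whole host project, by granting
# Network User on that subnet to the guest project's service account (least privilege).
grant_subnet_user() {
  run gcloud compute networks subnets add-iam-policy-binding "$SUBNET" \
      --project "$HOST_PROJECT" --region "$REGION" \
      --member "serviceAccount:$SERVICE_SA" --role roles/compute.networkUser
}

# Step 4: firewall rule for the SSH/ICMP connectivity test, limited to the
# auto-mode internal range instead of 0.0.0.0/0.
allow_ssh_icmp() {
  run gcloud compute firewall-rules create allow-internal-ssh-icmp \
      --project "$HOST_PROJECT" --network default \
      --allow tcp:22,icmp --source-ranges 10.128.0.0/9
}

# Step 5: confirm the association from both sides before creating test VMs.
verify_association() {
  run gcloud compute shared-vpc get-host-project "$SERVICE_PROJECT"
  run gcloud compute shared-vpc list-associated-resources "$HOST_PROJECT"
}

setup_shared_vpc() {
  enable_host; attach_service_project; grant_subnet_user; allow_ssh_icmp; verify_association
}

if [ "${SHARED_VPC_RUN:-0}" = "1" ]; then setup_shared_vpc; fi
```

Run with `DRY_RUN=1 SHARED_VPC_RUN=1 sh setup.sh` to review the plan, then `DRY_RUN=0` to apply it with an account that holds the roles listed in the gotchas above.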