Configuring Private Google Access and Cloud NAT
Google Cloud’s Network Address Translation (NAT) service enables you to provision your application instances without public IP addresses while also allowing them to access the internet for updates, patching, config management, and more in a controlled and efficient manner.
In this lab, you will configure Private Google Access and Cloud NAT for a VM instance that doesn't have an external IP address. Then, you will verify access to public IP addresses of Google APIs and services and other connections to the internet. Finally, you will use Cloud NAT logging to record connections made in your gateway.
What you'll do
In this lab, you will learn how to perform the following tasks:
- Configure a VM instance that doesn't have an external IP address.
- Create a bastion host to connect to the VM that doesn't have an external IP address.
- Enable Private Google Access on a subnet.
- Configure a Cloud NAT gateway.
- Verify access to public IP addresses of Google APIs and services and other connections to the internet.
- Log NAT connections with Cloud NAT logging.
Join Qwiklabs to read the rest of this lab...and more!
- Get temporary access to the Google Cloud Console.
- Over 200 labs from beginner to advanced levels.
- Bite-sized so you can learn at your own pace.
Create a VPC network and firewall rules
Create the VM instance with no public IP address
Create the Bastion host
Create a Cloud Storage Bucket and Enable Private Google Access
Configure a Cloud NAT gateway