Configuring Private Google Access and Cloud NAT
Google Cloud’s Network Address Translation (NAT) service enables you to provision your application instances without public IP addresses while also allowing them to access the internet for updates, patching, config management, and more in a controlled and efficient manner.
In this lab, you will configure Private Google Access and Cloud NAT for a VM instance that doesn't have an external IP address. Then, you will verify access to public IP addresses of Google APIs and services and other connections to the internet. Finally, you will use Cloud NAT logging to record connections made in your gateway.
What you'll do
In this lab, you will learn how to perform the following tasks:
- Configure a VM instance that doesn't have an external IP address.
- Create a bastion host to connect to the VM that doesn't have an external IP address.
- Enable Private Google Access on a subnet.
- Configure a Cloud NAT gateway.
- Verify access to public IP addresses of Google APIs and services and other connections to the internet.
- Log NAT connections with Cloud NAT logging.
加入 Qwiklabs 即可阅读本实验的剩余内容…以及更多精彩内容！
- 获取对“Google Cloud Console”的临时访问权限。
- 200 多项实验，从入门级实验到高级实验，应有尽有。
Create a VPC network and firewall rules
Create the VM instance with no public IP address
Create the Bastion host
Create a Cloud Storage Bucket and Enable Private Google Access
Configure a Cloud NAT gateway