(Optional) Configure your reporting to use Virtual Private Cloud (VPC)
Stay organized with collections
Save and categorize content based on your preferences.
Optionally, if you want to use Virtual Private Cloud (VPC) in the
environment in which your product's service runs, you must complete the
following steps to integrate Google Cloud Marketplace reporting with VPC.
By default, the Compute Engine virtual machines (VMs) in your
VPC can only communicate internally. You must configure one of
the VMs to communicate externally, so that the rest of the VMs in your
VPC can use it for reporting.
Ensure that you have the
Compute Network Admin Identity and Access Management (IAM) role for your
Google Cloud project.
Set up Private Google Access
To enable your product's Compute Engine virtual machines (VMs) to communicate
externally for reporting purposes, you must set up
Private Google Access. For more information
about configuring Private Google Access, refer to
Configuring Private Google Access.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# (Optional) Configure your reporting to use Virtual Private Cloud (VPC)\n\nOptionally, if you want to use [Virtual Private Cloud (VPC)](/vpc) in the\nenvironment in which your product's service runs, you must complete the\nfollowing steps to integrate Google Cloud Marketplace reporting with VPC.\nBy default, the Compute Engine virtual machines (VMs) in your\nVPC can only communicate internally. You must configure one of\nthe VMs to communicate externally, so that the rest of the VMs in your\nVPC can use it for reporting.\n\nBefore you begin\n----------------\n\n- Set up your preferred implementation of VPC in your service environment. For steps to set up VPC, visit [Create and modify Virtual Private Cloud (VPC) networks](/vpc/docs/create-modify-vpc-networks).\n- Ensure that you have the [Compute Network Admin](/iam/docs/understanding-roles#compute-engine-roles) Identity and Access Management (IAM) role for your Google Cloud project.\n\nSet up Private Google Access\n----------------------------\n\nTo enable your product's Compute Engine virtual machines (VMs) to communicate\nexternally for reporting purposes, you must set up\n[Private Google Access](/vpc/docs/private-google-access). For more information\nabout configuring Private Google Access, refer to\n[Configuring Private Google Access](/vpc/docs/configure-private-google-access).\n\n1. [Enable Private Google Access](/vpc/docs/configure-private-google-access#enabling-pga)\n for your service environment.\n\n2. [Configure DNS](/vpc/docs/configure-private-google-access#config-domain) to\n resolve requests to `private.googleapis.com`.\n\n3. [Create a custom route](/vpc/docs/using-routes#addingroute) for Google APIs:\n\n - For **Name** , specify `route-google-apis-services`.\n - For **Network**, select your VPC.\n - For **Destination IP range** , specify `199.36.153.8/30`.\n - For **Priority** , specify `0`.\n - For **Instance tags** , specify `google-apis-services`.\n - For **Next hop** , select **Default internet gateway**.\n4. [Create a VPC firewall rule](/vpc/docs/using-firewalls#creating_firewall_rules)\n to enable your product to communicate with Google APIs:\n\n - For the **Name** , specify `google-apis-services`.\n - For the **Description** , specify `Allow egress traffic to Google APIs and\n services`.\n - Enable [firewall rules logging](/vpc/docs/using-firewall-rules-logging).\n - For **Network**, select your VPC.\n - For **Direction of traffic** , select **Egress**.\n - For the **Action on match** , select **Allow**.\n - For **Targets** , select `Specified target tags`, and then for **Target\n tags** , specify `google-apis-services`.\n - For the **Destination filter** , select `IPv4 ranges`, and for the **Destination IPv4 ranges** , specify `199.36.153.8/30`.\n - For **Protocols and ports** , select `Allow all`.\n5. In Google Cloud console, select the VM you want to use to report your\n product's usage. Under **Network tags** , add `google-apis-services`, and\n click **SAVE**.\n\n6. Under **Network interfaces**, locate your VPC's network\n interface.\n\n7. In the **Subnetwork** column, click the subnet link. From the\n **Subnet details** page, click **Edit** , and set **Private Google Access**\n to **On**.\n\n8. Click **Save**."]]
