Using Private Service Connect interface with Vertex AI Agent Engine

Vertex AI Agent Engine supports Private Service Connect interface (PSC interface) and DNS peering for private and secure egress traffic.

Overview

Your agent is deployed in a secure, Google-managed network without access to your Virtual Private Cloud (VPC) network. A PSC interface creates a private and secure bridge to your network, making it the recommended solution for interacting with privately hosted services across your VPC, on-premises, and multi-cloud environments.

When you configure a PSC interface, Agent Engine provisions an interface in a Google-owned tenant project where your agent runs. This interface connects directly to a network attachment in your project. All traffic between your agent and your VPC travels securely within Google's network, never traversing the public internet.

In addition to providing private access, a PSC interface is required to enable internet access when you use VPC Service Controls.

The agent's ability to access the public internet depends on your project's security configuration, specifically whether you are using VPC Service Controls.

  • Without VPC Service Controls: When you configure your agent with only a PSC interface, the agent retains its default internet access. This outbound traffic egresses directly from the secure, Google-managed environment where your agent runs.

  • With VPC Service Controls: When your project is part of a VPC Service Controls perimeter, the agent's default internet access is blocked by the perimeter to prevent data exfiltration. To allow the agent to access the public internet in this scenario, you must explicitly configure a secure egress path that routes traffic through your VPC. The recommended way to achieve this is to set up a proxy server inside your VPC perimeter and create a Cloud NAT gateway that lets the proxy VM reach the internet.

Setup details for Private Service Connect interface

To enable private connectivity for your deployed agent using Private Service Connect interface, you need to set up a VPC network, subnetwork, and network attachment in your user project.

Subnetwork IP range requirements

Agent Engine recommends a /28 subnetwork.

The subnet of the network attachment supports RFC 1918 and non-RFC 1918 addresses, with the exception of the 100.64.0.0/10 and 240.0.0.0/4 ranges. Agent Engine can only connect to RFC 1918 IP address ranges that are routable from the specified network. Agent Engine can't reach a privately used public IP address or the following non-RFC 1918 ranges:

  • 100.64.0.0/10
  • 192.0.0.0/24
  • 192.0.2.0/24
  • 198.18.0.0/15
  • 198.51.100.0/24
  • 203.0.113.0/24
  • 240.0.0.0/4

See Set up a Private Service Connect interface for more information.
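The following script is an added example, not Google's own tooling: it encodes the subnet rules stated above as pre-flight checks (the attachment subnet must avoid 100.64.0.0/10 and 240.0.0.0/4, a /28 is recommended, and the agent can only reach RFC 1918 destinations that are not in the listed ranges) and then emits the gcloud commands for the VPC network, subnet and network attachment. The project, region and resource names are placeholders; the gcloud commands and flags are real, but running them requires your own credentials.

```python
"""Pre-flight checks for an Agent Engine PSC interface subnet (added example).

Encodes the subnet and reachability rules from this page and prints the
gcloud commands that create the network, subnet and network attachment.
All project, region and resource names below are placeholders.
"""
import ipaddress

# Ranges the network attachment's subnet must not use (per the page).
ATTACHMENT_SUBNET_EXCLUDED = [
    ipaddress.ip_network(c) for c in ("100.64.0.0/10", "240.0.0.0/4")
]

# VPC-side destination ranges Agent Engine cannot reach (per the page).
UNREACHABLE_DESTINATIONS = [
    ipaddress.ip_network(c) for c in (
        "100.64.0.0/10", "192.0.0.0/24", "192.0.2.0/24", "198.18.0.0/15",
        "198.51.100.0/24", "203.0.113.0/24", "240.0.0.0/4",
    )
]

# Agent Engine only connects to RFC 1918 space that is routable from the VPC.
RFC1918 = [
    ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]

RECOMMENDED_PREFIX = 28


def check_attachment_subnet(cidr: str) -> dict:
    """Validate a candidate attachment subnet.

    Returns {"errors": [...], "warnings": [...]}; an empty "errors" list
    means the subnet is usable, warnings are recommendations only.
    """
    errors, warnings = [], []
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4:
        errors.append("attachment subnet must be an IPv4 range")
        return {"errors": errors, "warnings": warnings}
    for excluded in ATTACHMENT_SUBNET_EXCLUDED:
        if net.overlaps(excluded):
            errors.append(f"{net} overlaps excluded range {excluded}")
    if net.prefixlen != RECOMMENDED_PREFIX:
        warnings.append(
            f"{net} is a /{net.prefixlen}; a /{RECOMMENDED_PREFIX} is recommended"
        )
    return {"errors": errors, "warnings": warnings}


def destination_reachable(ip: str) -> bool:
    """True if the agent can reach this VPC-side address through the interface:
    the address must be RFC 1918 and must not fall in a listed excluded range.
    Privately used public IPs therefore return False."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        return False
    if any(addr in n for n in UNREACHABLE_DESTINATIONS):
        return False
    return any(addr in n for n in RFC1918)


def gcloud_setup_commands(project, region, network, subnet, cidr, attachment):
    """Build the gcloud commands for the network, subnet and network attachment.

    Raises ValueError if the subnet fails the page's hard requirements.
    ACCEPT_AUTOMATIC lets the Agent Engine tenant project connect without a
    per-producer accept list (placeholder names, real gcloud flags).
    """
    result = check_attachment_subnet(cidr)
    if result["errors"]:
        raise ValueError("; ".join(result["errors"]))
    return [
        f"gcloud compute networks create {network} --project={project} "
        f"--subnet-mode=custom",
        f"gcloud compute networks subnets create {subnet} --project={project} "
        f"--network={network} --region={region} --range={cidr}",
        f"gcloud compute network-attachments create {attachment} "
        f"--project={project} --region={region} --subnets={subnet} "
        f"--connection-preference=ACCEPT_AUTOMATIC",
    ]


if __name__ == "__main__":
    # Placeholder values; replace with your own project, region and names.
    for cmd in gcloud_setup_commands(
        "my-project", "us-central1", "agent-vpc", "agent-psc-subnet",
        "10.10.0.0/28", "agent-attachment",
    ):
        print(cmd)
    for ip in ("10.20.30.40", "198.18.0.5", "8.8.8.8"):
        print(ip, "reachable" if destination_reachable(ip) else "not reachable")
```

The reachability check is deliberately conservative: an address that is publicly routable but used privately inside your VPC returns False, matching the page's statement that the agent cannot reach privately used public IP addresses.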

Using Private Service Connect interface with Shared VPC

You can use the Private Service Connect interface with a Shared VPC architecture, which lets you create your Agent Engine in a service project while using a network from a central host project.

When setting up PSC interface in a Shared VPC environment, create the subnet in the host project, then create the network attachment in the service project.

For the service project to use the host project's network, you must grant the appropriate IAM permission. The Vertex AI Service Agent from your service project needs the Compute Network User (roles/compute.networkUser) role on the host project.

DNS peering

While Private Service Connect interface provides the secure network path, DNS peering provides the service discovery mechanism. With a PSC interface alone, you need to know the specific IP address of each service in the VPC network. You can connect to services by their internal IP addresses, but this is not recommended for production systems, where IPs can change. With DNS peering, the deployed agent connects to services in your VPC network using stable, human-readable DNS names instead of IP addresses: the agent resolves those names using the records from a Cloud DNS private zone in your VPC. See Set up a private DNS peering for more information.

What's next