To ensure that a Compute Engine instance does not have access to the internet or to any Google APIs or services, you need to disable the following settings:
Public IP: Disabling the public IP address ensures that the instance does not have a direct connection to the internet. Without a public IP address, the instance cannot be accessed from or communicate with the internet directly.
Private Google Access: Disabling Private Google Access ensures that the instance does not have access to Google APIs and services through the internal Google network. Private Google Access allows instances without a public IP to reach Google APIs and services using private IP addresses, but disabling it will block this path.
Disabling these settings will effectively isolate the instance from both the public internet and Google's internal API services.
References
Google Cloud VPC Documentation - Overview
Configuring Private Google Access
Compute Engine Network Overview
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit