GCPcloud~5 mins

Custom VPC creation in GCP - Commands & Configuration

Choose your learning style10 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Start learning this pattern below

Jump into concepts and practice - no test required

Recommended

Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong

Introduction

Sometimes you need your own private network in the cloud to control how your apps and services talk to each other and the internet. Creating a custom VPC lets you design this network with your own rules and address ranges.

When you want to isolate your cloud resources from other projects for security.

When you need to set specific IP address ranges that do not overlap with your on-premises network.

When you want to control traffic flow between different parts of your cloud setup.

When you plan to connect your cloud network to your office network using VPN or interconnect.

When you want to create multiple sub-networks in different regions for better organization.

Config File - vpc.tf

vpc.tf

provider "google" {
  project = "example-project"
  region  = "us-central1"
}

resource "google_compute_network" "custom_vpc" {
  name                    = "custom-vpc"
  auto_create_subnetworks = false
  description             = "Custom VPC with manual subnet creation"
}

resource "google_compute_subnetwork" "custom_subnet" {
  name          = "custom-subnet"
  ip_cidr_range = "10.10.0.0/16"
  region        = "us-central1"
  network       = google_compute_network.custom_vpc.self_link
  description   = "Subnet in custom VPC"
}

This Terraform file creates a custom VPC network without automatic subnets.

The google_compute_network resource defines the VPC named "custom-vpc" with manual subnet control.

The google_compute_subnetwork resource creates a subnet named "custom-subnet" in the us-central1 region with the IP range 10.10.0.0/16 inside the custom VPC.

Commands

This command initializes Terraform in the current directory, downloading the Google provider plugin needed to create resources.

Terminal

terraform init

Expected OutputExpected

Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/google... - Installing hashicorp/google v4.0.0... - Installed hashicorp/google v4.0.0 (signed by HashiCorp) Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work.

This command applies the Terraform configuration to create the custom VPC and subnet without asking for confirmation.

Terminal

terraform apply -auto-approve

Expected OutputExpected

google_compute_network.custom_vpc: Creating... google_compute_network.custom_vpc: Creation complete after 3s [id=projects/example-project/global/networks/custom-vpc] google_compute_subnetwork.custom_subnet: Creating... google_compute_subnetwork.custom_subnet: Creation complete after 4s [id=projects/example-project/regions/us-central1/subnetworks/custom-subnet] Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

→

-auto-approve - Skip manual approval prompt

This command checks the details of the custom VPC to verify it was created correctly.

Terminal

gcloud compute networks describe custom-vpc

Expected OutputExpected

autoCreateSubnetworks: false creationTimestamp: '2024-06-01T12:00:00.000-07:00' description: Custom VPC with manual subnet creation id: '1234567890123456789' name: custom-vpc selfLink: https://www.googleapis.com/compute/v1/projects/example-project/global/networks/custom-vpc subnetworks: - https://www.googleapis.com/compute/v1/projects/example-project/regions/us-central1/subnetworks/custom-subnet

This command lists all subnets in the custom VPC to confirm the subnet exists with the correct IP range.

Terminal

gcloud compute networks subnets list --filter="network=custom-vpc"

Expected OutputExpected

NAME REGION NETWORK RANGE GATEWAY custom-subnet us-central1 custom-vpc 10.10.0.0/16 10.10.0.1

→

--filter - Filter results to show only subnets in the custom VPC

Key Concept

If you remember nothing else from this pattern, remember: creating a custom VPC means disabling automatic subnets and manually defining your own subnetworks with specific IP ranges.

Common Mistakes

Not setting auto_create_subnetworks to false when creating a custom VPC

The VPC will automatically create default subnets in all regions, which you don't want for a custom setup.

Always set auto_create_subnetworks = false to fully control subnet creation.

Using overlapping IP ranges for subnets or with on-premises networks

IP conflicts cause routing problems and connectivity failures.

Plan and assign unique, non-overlapping CIDR blocks for each subnet.

Not specifying the correct region for subnets

Subnets must be created in a specific region; otherwise, deployment fails or resources are unreachable.

Always specify the region field matching where you want the subnet.

Summary

Initialize Terraform to prepare for resource creation.

Apply the Terraform configuration to create a custom VPC and subnet.

Verify the VPC and subnet exist using gcloud commands.

Practice

(1/5)

1. What is the main advantage of creating a Custom VPC in Google Cloud Platform?

easy

A. You can define your own IP address ranges and subnets.

B. It automatically creates default firewall rules.

C. It provides free internet access without configuration.

D. It disables all network traffic by default.

5. You want to create a custom VPC named prod-vpc with two subnets:
- subnet-a in us-west1 with range 10.10.1.0/24
- subnet-b in us-east1 with range 10.10.2.0/24
Which sequence of gcloud commands correctly creates this setup?

hard

A. 1) gcloud compute networks create prod-vpc --subnet-mode=auto 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24

B. 1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24

C. 1) gcloud compute networks create prod-vpc 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24

D. 1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.2.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.1.0/24

Solution

Step 1: Create the VPC with custom subnet mode
The VPC must be created with --subnet-mode=custom to allow manual subnet creation.
Step 2: Create subnets with correct regions and CIDR ranges
Subnets must be created with specified regions and matching CIDR ranges as per requirements.
Step 3: Verify order and correctness
1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24 correctly creates the VPC first, then subnets with correct ranges and regions. 1) gcloud compute networks create prod-vpc --subnet-mode=auto 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24 uses auto subnet mode which auto-creates subnets, conflicting with manual subnet creation. 1) gcloud compute networks create prod-vpc 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24 misses subnet mode flag. 1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.2.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.1.0/24 swaps CIDR ranges between subnets.
Final Answer:
Correct sequence with custom subnet mode and matching subnet ranges -> Option B
Quick Check:
Custom VPC + correct subnet ranges = 1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24 [OK]

Hint: Create VPC with --subnet-mode=custom before adding subnets [OK]

Common Mistakes:

Using auto subnet mode when manual subnets needed
Swapping subnet CIDR ranges by mistake
Omitting --subnet-mode flag on VPC creation

Custom VPC creation in GCP - Commands & Configuration

Start learning this pattern below

Practice

Solution

Step 1: Understand Custom VPC purpose

Step 2: Eliminate wrong options

Final Answer:

Quick Check:

Solution

Step 1: Identify subnet mode for custom VPC

Step 2: Evaluate options

Final Answer:

Quick Check:

Solution

Step 1: Read the subnet creation command

Step 2: Match the CIDR range

Final Answer:

Quick Check:

Solution

Step 1: Understand the error message

Step 2: Check other options

Final Answer:

Quick Check:

Solution

Step 1: Create the VPC with custom subnet mode

Step 2: Create subnets with correct regions and CIDR ranges

Step 3: Verify order and correctness

Final Answer:

Quick Check: