GCPcloud~5 mins

Custom VPC creation in GCP - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Sometimes you need your own private network in the cloud to control how your apps and services talk to each other and the internet. Creating a custom VPC lets you design this network with your own rules and address ranges.

When you want to isolate your cloud resources from other projects for security.

When you need to set specific IP address ranges that do not overlap with your on-premises network.

When you want to control traffic flow between different parts of your cloud setup.

When you plan to connect your cloud network to your office network using VPN or interconnect.

When you want to create multiple sub-networks in different regions for better organization.

Config File - vpc.tf

vpc.tf

provider "google" {
  project = "example-project"
  region  = "us-central1"
}

resource "google_compute_network" "custom_vpc" {
  name                    = "custom-vpc"
  auto_create_subnetworks = false
  description             = "Custom VPC with manual subnet creation"
}

resource "google_compute_subnetwork" "custom_subnet" {
  name          = "custom-subnet"
  ip_cidr_range = "10.10.0.0/16"
  region        = "us-central1"
  network       = google_compute_network.custom_vpc.self_link
  description   = "Subnet in custom VPC"
}

This Terraform file creates a custom VPC network without automatic subnets.

The google_compute_network resource defines the VPC named "custom-vpc" with manual subnet control.

The google_compute_subnetwork resource creates a subnet named "custom-subnet" in the us-central1 region with the IP range 10.10.0.0/16 inside the custom VPC.

Commands

This command initializes Terraform in the current directory, downloading the Google provider plugin needed to create resources.

Terminal

terraform init

Expected OutputExpected

Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/google... - Installing hashicorp/google v4.0.0... - Installed hashicorp/google v4.0.0 (signed by HashiCorp) Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work.

This command applies the Terraform configuration to create the custom VPC and subnet without asking for confirmation.

Terminal

terraform apply -auto-approve

Expected OutputExpected

google_compute_network.custom_vpc: Creating... google_compute_network.custom_vpc: Creation complete after 3s [id=projects/example-project/global/networks/custom-vpc] google_compute_subnetwork.custom_subnet: Creating... google_compute_subnetwork.custom_subnet: Creation complete after 4s [id=projects/example-project/regions/us-central1/subnetworks/custom-subnet] Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

→

-auto-approve - Skip manual approval prompt

This command checks the details of the custom VPC to verify it was created correctly.

Terminal

gcloud compute networks describe custom-vpc

Expected OutputExpected

autoCreateSubnetworks: false creationTimestamp: '2024-06-01T12:00:00.000-07:00' description: Custom VPC with manual subnet creation id: '1234567890123456789' name: custom-vpc selfLink: https://www.googleapis.com/compute/v1/projects/example-project/global/networks/custom-vpc subnetworks: - https://www.googleapis.com/compute/v1/projects/example-project/regions/us-central1/subnetworks/custom-subnet

This command lists all subnets in the custom VPC to confirm the subnet exists with the correct IP range.

Terminal

gcloud compute networks subnets list --filter="network=custom-vpc"

Expected OutputExpected

NAME REGION NETWORK RANGE GATEWAY custom-subnet us-central1 custom-vpc 10.10.0.0/16 10.10.0.1

→

--filter - Filter results to show only subnets in the custom VPC

Key Concept

If you remember nothing else from this pattern, remember: creating a custom VPC means disabling automatic subnets and manually defining your own subnetworks with specific IP ranges.

Common Mistakes

Not setting auto_create_subnetworks to false when creating a custom VPC

The VPC will automatically create default subnets in all regions, which you don't want for a custom setup.

Always set auto_create_subnetworks = false to fully control subnet creation.

Using overlapping IP ranges for subnets or with on-premises networks

IP conflicts cause routing problems and connectivity failures.

Plan and assign unique, non-overlapping CIDR blocks for each subnet.

Not specifying the correct region for subnets

Subnets must be created in a specific region; otherwise, deployment fails or resources are unreachable.

Always specify the region field matching where you want the subnet.

Summary

Initialize Terraform to prepare for resource creation.

Apply the Terraform configuration to create a custom VPC and subnet.

Verify the VPC and subnet exist using gcloud commands.