turgayozgur
Reputation: 85
Cloud Run service to service call getting 403 when VPC Accessor Enabled with "Route only requests to private IPs through the VPC connector" option
Do we have to route all outbound request through VPC accessor? What the "Route only requests to private IPs through the VPC connector" option for? Is it only for the service that don't call the another one?
Upvotes: 2
Views: 490
Answers (1)
guillaume blaquiere
Reputation: 75810
When you set the ingress to internal only or internal and cloud load balancing on your Cloud Run service, you can't access your service from outside (except if you use a load balancer).
So, in your case, you route only the private IP to the serverless VPC Connector. However, your Cloud Run service is always reachable on the internet, with a public IP. And thus, to access it from your VPC, you need to use the serverless VPC Connector for all traffic, private and public IPs.
Upvotes: 2
Related Questions
- Using VPC connector in Cloud Run
- Nginx in Cloud Run with internal traffic works but gives connect errors
- Getting 403 when connecting to a Cloud Run service when using a Serverless VPC Connector
- Permission issue in connecting a serverless VPC connector to Cloud Run in host project
- Can't access Google Run service with authenticated access
- CloudRun Service to Service returning 403 After Setup
- Not able to use Serverless VPC Access for Cloud Run and Compute Engine
- Cloud Run: Service-to-Service 401 while curl works
- Can not connect between Cloud Run and Compute engine using Internal IP
- How to allow a public Google Run Instance to communicate to a *private* Google Run Instance?