Create the Virtual Private Cloud
A VPC is a virtual network. For more information, see Google VPC.
Creating the VPC
To create the VPC in the Google CLI, run the following command:
gcloud compute networks create <Network_Name> --bgp-routing-mode=<BGP_ROUTING_MODE> --description=<DESCRIPTION> --mtu=<MTU> --subnet-mode=<SUBNET_MODE>
Where:
<Network_Name>
is the name you're assigning to the VPC network
<MTU>
represents the maximum transmission unit (MTU), that is, the largest packet size of the network. MTU can be set to any value from 1300 to 8896. The default is 1460.
<BGP_ROUTING_MODE>
is the BGP routing mode of your network (either REGIONAL or GLOBAL, with the default being REGIONAL)
<SUBNET_MODE>
is the subnet mode of the network (either auto or custom, with the default being auto)
<DESCRIPTION>
is an optional description of the network
Example command and output:
gcloud compute networks create gcp-arcsight-test --project=security-arcsight-nonprod --subnet-mode=custom --mtu=1460 --bgp-routing-mode=regional --description="This is the GCP testing vpc, the range for this VPC are 10.1.0.0/16"
Created [https://www.googleapis.com/compute/v1/projects/security-arcsight-nonprod/global/networks/gcp-arcsight-test].
NAME: gcp-arcsight-test
SUBNET_MODE: CUSTOM
BGP_ROUTING_MODE: REGIONAL
IPV4_RANGE:
GATEWAY_IPV4:
Instances on this network will not be reachable until firewall rules are created. As an example, you can allow all internal traffic between instances as well as SSH, RDP, and ICMP by running:
$ gcloud compute firewall-rules create <FIREWALL_NAME> --network gcp-arcsight-test --allow tcp,udp,icmp --source-ranges <IP_RANGE>
$ gcloud compute firewall-rules create <FIREWALL_NAME> --network gcp-arcsight-test --allow tcp:22,tcp:3389,icmp
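The following pre-flight check is an added example, not part of the original documentation: it validates the parameters described above (MTU range, subnet mode, BGP routing mode) and prints the resulting gcloud command for review without running it. The function names, argument order, and the network naming rule are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight validation of the VPC parameters described above.
# Function names and argument order are assumptions of this example.
LC_ALL=C; export LC_ALL   # make [a-z] match ASCII lowercase only

# Wrap a value in single quotes, escaping any embedded single quotes.
shell_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Usage: build_vpc_create_cmd NAME MTU SUBNET_MODE BGP_ROUTING_MODE [DESCRIPTION]
# Prints the gcloud command on success; prints a reason and returns 1 otherwise.
build_vpc_create_cmd() {
  name=$1 mtu=$2
  subnet_mode=$(printf '%s' "$3" | tr 'A-Z' 'a-z')
  bgp_mode=$(printf '%s' "$4" | tr 'A-Z' 'a-z')
  description=${5:-}

  # Assumed Compute Engine naming rule: starts with a lowercase letter, then
  # lowercase letters, digits or hyphens, no trailing hyphen, at most 63 chars.
  case $name in
    ''|[!a-z]*|*[!a-z0-9-]*|*-) echo "invalid network name: $name" >&2; return 1 ;;
  esac
  [ "${#name}" -le 63 ] || { echo "network name too long" >&2; return 1; }

  # MTU: plain decimal integer within the range the page gives (1300 to 8896).
  case $mtu in
    ''|0*|*[!0-9]*|?????*) echo "invalid MTU: $mtu" >&2; return 1 ;;
  esac
  if [ "$mtu" -lt 1300 ] || [ "$mtu" -gt 8896 ]; then
    echo "MTU out of range (1300-8896): $mtu" >&2; return 1
  fi

  case $subnet_mode in auto|custom) ;; *) echo "invalid subnet mode: $3" >&2; return 1 ;; esac
  case $bgp_mode in regional|global) ;; *) echo "invalid BGP routing mode: $4" >&2; return 1 ;; esac

  cmd="gcloud compute networks create $name --subnet-mode=$subnet_mode"
  cmd="$cmd --mtu=$mtu --bgp-routing-mode=$bgp_mode"
  if [ -n "$description" ]; then
    cmd="$cmd --description=$(shell_quote "$description")"
  fi
  printf '%s\n' "$cmd"
}
```

Source the file and call build_vpc_create_cmd with your values; the printed command can be reviewed and then run once it looks right.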