The guide inspired by Static outbound IP address for Cloud Run.
gcloud compute networks list
You should see output like the following:
NAME SUBNET_MODE BGP_ROUTING_MODE
default AUTO REGIONAL
Identify the network you attached to your Serverless VPC Access connector.
gcloud compute routers create ROUTER_NAME \
--network=NETWORK_NAME \
--region=REGION
In the command above, replace:
ROUTER_NAME
with a name for the Cloud Router resource you want to create.NETWORK_NAME
with the name of the VPC network you found in step 1.REGION
with the region in which you want to create a NAT gateway.
3. Reserve a static IP address. A reserved IP address resource retains the underlying IP address when the resource it is associated with is deleted and re-created:
gcloud compute addresses create ORIGIN_IP_NAME --region=REGION
In the command above, replace:
ORIGIN_IP_NAME
with the name you want to assign to the IP address resource.REGION
with the region that will run the Cloud NAT router. Ideally the same region as your Cloud Functions to minimize latency and network costs.
4. Create a Cloud NAT gateway configuration on this router to route the traffic originating from the VPC network using the static IP address you created:
gcloud compute routers nats create NAT_NAME \
--router=ROUTER_NAME \
--region=REGION \
--nat-all-subnet-ip-ranges \
--nat-external-ip-pool=ORIGIN_IP_NAME
In the command above, replace:
NAT_NAME
with a name for the Cloud NAT gateway resource you want to create.ROUTER_NAME
with the name of your Cloud Router.REGION
with the region in which you want to create a NAT gateway.ORIGIN_IP_NAME
with the name of the reserved IP address resource you created in the previous step.
5. Create connector using this guide: Creating a connector.
const functions = require('firebase-functions')
const fetch = require('node-fetch')
exports.helloWorld = functions
.runWith({
vpcConnector: 'CONNECTOR_NAME',
vpcConnectorEgressSettings: 'ALL_TRAFFIC'
})
.https.onRequest(async (request, response) => {
try {
const result = await fetch('https://api.ipify.org?format=json')
const json = await result.json()
return response.json(json)
} catch (e) {
return response.send('Can not fetch the IP')
}
})
In the command above, replace:
CONNECTOR_NAME
with the name of your Serverless VPC Access connector.
I have designed a Firebase Cloud Function in Node.js where I am using PhonePe for payment. However, they have stated that they require a static IP address for whitelisting. Can I utilize the above solution and share the static IP with them?