Tags: google-cloud-platform, google-cloud-run, google-vpc

How to reach internal Cloud Run services from a different project and its own?


I am currently stuck on a network architecture issue on Google Cloud Platform.

Let me explain:

I have a project A with different Google Cloud Run services which are all restricted to internal ingress (without authorization from an external load balancer). All project A services sit behind an internal load balancer with an IP address from the default network. Another project B is set up in exactly the same way, and I would like to reach both project A's services AND project B's own services from project B.

I set up a Shared VPC with a specific subnet created in project A and shared with project B. From what I know, I have to set up a Serverless VPC connector for the project B service to reach any internal addresses. So, from project B, if I use a Serverless VPC connector that uses B's own default network, I can't reach project A's services (time out) but I can reach B's own. Otherwise, if I use a project A Serverless VPC connector, I can reach project A's services but not B's own (time out).

This whole situation makes sense, but is it possible to create (with VPC Network Peering?) a special VPC connector that uses only the shared subnet to route internal addresses from project A, and uses the other subnets from project B to route its own services?


Solution

  • I finally found the right way to do this with Private Service Connect. You just need to publish a service in project A and connect an endpoint in project B. All this without any Shared VPC configuration or anything else.
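What the answer describes, as an added Terraform example that is not part of the original post: project A publishes its existing internal load balancer through a Private Service Connect service attachment, and project B creates a PSC endpoint in its own default network that forwards to it. Project IDs, the region, subnet names, the CIDR and the producer forwarding-rule name (`ilb-fr-a`, assumed to already exist as in the question) are placeholders; the accept list is what keeps any project other than B from attaching to A's services.

```hcl
# --- Producer side (project A): expose the existing internal LB via PSC ---
# Dedicated NAT subnet required by Private Service Connect (placeholder CIDR).
resource "google_compute_subnetwork" "psc_nat_a" {
  project       = "project-a"        # placeholder producer project
  name          = "psc-nat-a"
  region        = "europe-west1"     # placeholder region
  network       = "default"
  ip_cidr_range = "10.200.0.0/24"    # placeholder; must not overlap existing ranges
  purpose       = "PRIVATE_SERVICE_CONNECT"
}

# Service attachment on the internal LB fronting the Cloud Run services.
# ACCEPT_MANUAL plus an accept list means only project B can connect an endpoint;
# a request from any other project stays pending and never receives traffic.
resource "google_compute_service_attachment" "run_a" {
  project               = "project-a"
  name                  = "cloud-run-a"
  region                = "europe-west1"
  connection_preference = "ACCEPT_MANUAL"
  enable_proxy_protocol = false
  nat_subnets           = [google_compute_subnetwork.psc_nat_a.id]
  # Assumed: the internal load balancer forwarding rule from the question.
  target_service        = "projects/project-a/regions/europe-west1/forwardingRules/ilb-fr-a"

  consumer_accept_lists {
    project_id_or_num = "project-b"  # placeholder consumer project
    connection_limit  = 5
  }
}

# --- Consumer side (project B): endpoint in B's own default network ---
resource "google_compute_address" "psc_endpoint_b" {
  project      = "project-b"
  name         = "psc-to-run-a"
  region       = "europe-west1"
  subnetwork   = "default"           # assumed: B's default subnet in this region
  address_type = "INTERNAL"
}

# Forwarding rule targeting A's service attachment; load_balancing_scheme must be
# empty for a PSC endpoint. B's Cloud Run services reach this internal address
# through B's own Serverless VPC connector, so no Shared VPC is involved.
resource "google_compute_forwarding_rule" "psc_endpoint_b" {
  project               = "project-b"
  name                  = "psc-to-run-a"
  region                = "europe-west1"
  load_balancing_scheme = ""
  network               = "default"
  ip_address            = google_compute_address.psc_endpoint_b.id
  target                = google_compute_service_attachment.run_a.id
}
```

After `terraform apply`, the endpoint's internal IP (from `google_compute_address.psc_endpoint_b`) is what project B's services call; check in project A that the attachment's connected endpoint list contains only project B's forwarding rule.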