Skip to content
Last9 Last9
Book a Demo

Send data using GCP Private Service Connect

This guide walks you through how to configure GCP Private Service Connect for use with Last9. Send read and write requests over the private network.

The process consists of configuring a Private Service Connect (PSC) endpoint in your VPC, which can communicate with the Last9 endpoint without going through the public network.

Setup

Get Last9 Private Service Connect Service Attachment

Currently, Last9 supports Private Service Connect in GCP regions where our services are hosted.

You can obtain the service attachment details by contacting the Last9 team.

Create a Private Service Connect Endpoint

Step 1: Navigate to Private Service Connect

  1. Open Google Cloud Console
  2. Navigate to Network servicesPrivate Service Connect
  3. Select the Connected endpoints tab

Navigate to Private Service Connect

Step 2: Create Connect Endpoint

  1. Click “Connect Endpoint”

Create Connect Endpoint

Step 3: Configure Target Details

In the Target section:

  • Target type: Select “Published service”
  • Target service: Paste the service attachment URI provided by Last9

Configure Target Details

Step 4: Configure Endpoint Details

🏷️ Endpoint name

  • Enter a descriptive name for your PSC endpoint
  • Use naming convention: psc-endpoint-last9-[environment]
  • Example: psc-endpoint-last9-prod

Configure Endpoint Name

🌐 Network configuration

  • Network: Select your VPC network (or “default” if using default VPC)
  • Subnetwork: Select the appropriate subnet in your VPC

Network Configuration

🔢 IP address configuration

  • IP address:
    • Option 1: Use the same name as the endpoint name for consistency
    • Option 2: Let GCP auto-assign an IP address
    • Option 3: Specify a custom IP address from the subnet range

IP Address Configuration

Step 5: Review and Create

  1. Review all configuration settings
  2. Click “Add Endpoint” to provision the PSC endpoint
  3. Wait for the endpoint to be created (typically takes 2-5 minutes)
  4. Once the endpoint is created, you’ll see it listed in the Connected endpoints section

Review and Create Endpoint

Endpoint Successfully Created

Additional Configuration

Firewall Rules

  • Ensure your firewall rules allow outbound traffic on port 443 from your workloads to the PSC endpoint
  • For on-premise Last9 setups, also allow traffic on port 80

DNS Configuration (Optional)

  • If needed, configure DNS settings to resolve Last9 hostnames to the PSC endpoint’s private IP address
  • This step is typically not required as GCP handles DNS resolution automatically for PSC endpoints

Verification

After the PSC endpoint status becomes available, validate that you can reach Last9 services through the private connection:

  1. Test Connectivity: From a machine in your VPC, test connectivity to the Last9 endpoint through the PSC connection
  2. Verify Private Routing: Confirm that traffic is routing through the private connection and not the public internet
  3. Monitor Metrics: Check the PSC endpoint metrics in the Google Cloud Console to confirm data flow
  4. Validate DNS Resolution: Ensure that Last9 hostnames resolve to the PSC endpoint’s private IP address

You can use tools like curl, telnet, or nslookup to verify connectivity and DNS resolution from within your VPC.

That’s all! You can now send logs, metrics, and traces to Last9 using Private Service Connect.

Troubleshooting

Please get in touch with us on Discord or Email if you have any questions.