# VPC Network Peering Connection with GCP

This document describes how to create a VPC Network Peering connection between EMQX Cloud and Google Cloud Platform (GCP) to enable private network communication between your GCP VPC and the EMQX Cloud deployment.

## Create a VPC Network Peering Connection

1. Log in to [EMQX Cloud Console](<https://cloud-intl.emqx.com/console>) and enter your deployment.

2. Click **Network Management** from the left menu. In the **VPC Peering Connection** area, click the **+ VPC Peering Connection** button.

3. On the pop-up dialog, enter the following information:

   * **Project ID**: GCP Project ID of your peering VPC
   * **VPC Network Name**:  Network Name of your peering VPC

   Record the following information for future use:

    * **VPC Network Name of deployment**
    * **CIDR of deployment**
     * **Project ID of EMQX Cloud**

   ![gcp_create_peering](./_assets/gcp_vpc_peering.png)

4. Log in to your GCP console, create the peering connection.

   1. In the Google Cloud Console, click **VPC network peering**.
   2. Click **CREATE PEERING CONNECTION**, and click **Continue**
   3. In **Name**, enter a name for your peering connection.
   4. In **Your VPC Network**, enter the name of your GCP VPC network.
   5. In **Peered VPC network**, select **In another project**.
   6. In **Project ID**, enter EMQX Cloud Project ID. You can find this name in the VPC Peering view in EMQX Cloud.
   7. In **VPC network name**, enter your EMQX Cloud VPC Network Name. You can find this name in the VPC Peering view in EMQX Cloud.
   8. Click **CREATE**.

   ![gcp_peering](./_assets/gcp_peering.png)

5. You will see the status of peering connection is **Active** if succeeded.

   ![gcp_console_peering](./_assets/gcp_console_peering.png)
   and you will see the status of VPC Peering on EMQX Cloud is **running**.
   ![gcp_peering_result](./_assets/gcp_vpc_peering_status.png)

6. Create a firewall to allow your EMQX Broker deployment to access your GCP network.

   1. Click **Firewall**, and Click **CREATE FIREWALL RULE**.
   2. In **Network**, select your GCP network
   3. In **Targets**, select **All instances in the network**, or you can select other options according to your situation.
   4. In **Source IP ranges**, fill in the CIDR of the deployment in step 1
   5. Select your Protocols and ports.

## Delete a VPC Peering Connection

To delete a peering connection, you need to ensure that the status of the peering connection is **Running**.

::: tip

Before deleting the peering connection, please make sure that there are no associated resources in the deployment; otherwise, there will be unpredictable risks

:::

1. Go to the VPC Peering Connection area on the Network Management page in your deployment.

   ![vpc-list](./_assets/gcp_vpc_peering_status.png)

2. Click the "delete" icon in the **Actions** column of the peering connection.

   ![vpc-delete](./_assets/gcp_peering_delete.png)