--- title: "Configure GCP Private Service Connect | Grafana Cloud documentation" description: "This document outlines the steps to configure GCP Private Service Connect" --- # Configure GCP Private Service Connect Send telemetry data from your GCP private network to Grafana Cloud via [Private Service Connect](https://cloud.google.com/vpc/docs/private-service-connect), also known as **PSC**. Sending your data via GCP PSC can: - Reduce your GCP egress costs - Improve security by keeping your data within the GCP network To use this feature, configure a PSC endpoint in your GCP project. ## Prerequisites To use GCP PSC, you will need: - A Grafana Cloud stack **hosted on GCP**. Check where your stack is hosted by navigating to it in the [My Account](/auth/sign-in/?plcmt=top-nav&cta=myaccount) section of Grafana Cloud and clicking on Details for a given service, like Prometheus or Loki. If the region matches one of the [GCP regions where Grafana Cloud is hosted](../../../security-and-account-management/regional-availability/), then your stack is hosted on GCP. - A GCP network, where you create a PSC endpoint to forward your telemetry data. - A [GCP Service Directory namespace](https://cloud.google.com/service-directory/docs/overview), to allow PSC to automatically configure the private DNS zone and records for your PSC endpoints. ### Use PSC to send telemetry between GCP regions Grafana Cloud’s GCP PSC integration supports native cross-region connectivity, so you can connect to services hosted in other GCP Regions over PSC endpoints. To set up cross-region connectivity, enable **Global Access** during PSC endpoint creation. ## Set up a PSC Endpoint You can create a PSC endpoint in the GCP console, or provision one using your preferred tool, like Terraform. ### With the GCP Console 01. Open your GCP Console and navigate to **Private Service Connect**. 02. Click the **Connected endpoints** tab. 03. Click **Connect endpoint**. 04. For **Target**, select **Published service**. 05. For **Target service**, enter the service attachment URI from your Grafana Cloud stack. The service attachment URI is in this format: `projects/SERVICE_PROJECT/regions/REGION/serviceAttachments/SERVICE_NAME` - Navigate to your Grafana Cloud account, select your stack, and click **Details** for the service you would like to use; for example Loki. Under the header “Send Logs using GCP Private Service Connect” copy the **Service** field. - Enter provided value into the **Target service** field in the GCP console. 06. For **Endpoint name**, enter a name to use for the endpoint, for example `grafana-loki-us-central`. Note this is also the name for the DNS record. 07. Select a **Network** and **Subnetwork** for the endpoint. 08. Select an **IP address** for the endpoint. If you need a new IP address, you can create one: - Click the **IP address** drop-down menu and select **Create IP address**. - Enter a **Name** and optional **Description** for the IP address. For example, as name you can use `psc-grafana-loki-us-central` - Select **Assign automatically** or **Let me choose**. - If you selected **Let me choose**, enter the Custom IP address you want to use. - Click **Reserve**. 09. To make the endpoint available from any region, select **Enable global access**. If you do not plan to use cross-region connectivity, you can leave this option disabled. 10. Open the **Service Directory** option and select a **Namespace** from the drop-down list; or, create a new namespace for the region. The **Region** is populated based on the selected `subnetwork` . Service Discovery configures a Private DNS zone for `-psc.grafana.net` and create records for the endpoint, in this example `grafana-loki-us-central.us-central1-psc.grafana.net`. 11. Click **Add endpoint**. 12. The new PSC endpoint will be created. 13. After a short period of time, the endpoint is created and status is set to `Available`. 14. Send telemetry to Grafana Cloud using the given private DNS name, in place of the normal `remote_write` endpoint or forwarding URL configured for Grafana Alloy, Prometheus, or other tools you use to connect your data. For more details refer to [Grafana documentation](/docs/grafana-cloud/send-data/). The Private DNS Name always follows the pattern `.-psc.grafana.net`. 15. Repeat this PSC Endpoint creation process for each type of telemetry you would like to send to Grafana Cloud. For example, create one PSC Endpoint each for Cloud Metrics, Logs, Traces, and Profiles. ### With Terraform Use the following snippet to automate PSC Endpoint setup in GCP using Terraform: hcl ![Copy code to clipboard](/media/images/icons/icon-copy-small-2.svg) Copy ```hcl locals { network_id = "" subnetwork_id = "" service_discovery_namespace = "" endpoint_name = "grafana-loki-us-central" grafana_service_attachment = "" grafana_service_region = "" } # IP Address resource "google_compute_address" "loki_psc" { name = local.endpoint_name region = local.grafana_service_region subnetwork = local.subnetwork_id address_type = "INTERNAL" } # PSC endpoint resource "google_compute_forwarding_rule" "loki_psc" { name = local.endpoint_name region = local.grafana_service_region load_balancing_scheme = "" # Explicit empty string required for PSC target = local.grafana_service_attachment network = local.network_id subnetwork = local.subnetwork_id ip_address = google_compute_address.loki_psc.id allow_psc_global_access = true service_directory_registrations { namespace = local.service_discovery_namespace } } ```