Sign in to your Google Cloud account. If you're new to
Google Cloud,
create an account to evaluate how our products perform in
real-world scenarios. New customers also get $300 in free credits to
run, test, and deploy workloads.
In the Google Cloud console, on the project selector page,
select or create a Google Cloud project.
Get the roles and permissions required to create a network attachment
and a Cloud Data Fusion instance. For more information, see
Required roles and permissions.
Make sure that you have created a
VPC
or a Shared VPC
network.
Create a private instance with Private Service Connect
Go to the Cloud Data Fusion Instances page, and click Create instance.
In the Instance name field, enter a name for your new instance.
In the Description field, enter a description for your instance.
From the Region drop-down, select the Google Cloud region in which you
want to create the instance.
From the Version drop-down, select 6.10 or later.
Select an Edition.
Expand Advance options and do the following:
Select Enable private IP.
For Connectivity type, select Private Service Connect.
From the Network attachment drop-down, select a network attachment.
If a network attachment is not present, create a new one:
Click Create network attachment.
In the Name field, enter a name for your network attachment.
From the Network drop-down, select a VPC or a Shared VPC
network.
The Region field is auto-updated. Its value is same as the
the Cloud Data Fusion instance. You can't edit this field.
From the Subnetwork drop-down, select a subnetwork range.
For Connection preference, the option
Accept connections for selected projects is auto-selected.
When you create the Cloud Data Fusion instance, the
Cloud Data Fusion tenant project is automatically added to the
Accepted projects list.
Note: The option Automatically accept connections for all projects
is less secure because it allows any service to obtain IP addresses from
your subnet.
Click Create.
On the Create instance page, from the Network attachment
drop-down, select the newly created network attachment.
Click Create. It takes up to 30 minutes for the instance creation
process to complete.
Clean up
To avoid incurring charges to your Google Cloud account for
the resources used on this page, follow these steps.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis guide details the process of creating a private Cloud Data Fusion instance using Private Service Connect, emphasizing the importance of enabling necessary APIs and having appropriate roles and permissions beforehand.\u003c/p\u003e\n"],["\u003cp\u003eThe setup involves selecting a region, version, and edition for the instance, along with enabling private IP and choosing Private Service Connect as the connectivity type.\u003c/p\u003e\n"],["\u003cp\u003eA network attachment must be selected or created, which involves choosing a VPC or Shared VPC network and a subnetwork, while ensuring enough IP addresses are available.\u003c/p\u003e\n"],["\u003cp\u003eThe guide also includes instructions on cleaning up resources, providing methods for deleting the created Cloud Data Fusion instance and, if necessary, deleting the project to avoid continued billing.\u003c/p\u003e\n"],["\u003cp\u003eFollowing the instance setup, users are guided towards creating their first pipeline and learning more about Private Service Connect within Cloud Data Fusion.\u003c/p\u003e\n"]]],[],null,["# Create a private instance with Private Service Connect\n======================================================\n\nLearn how to create a Cloud Data Fusion private instance with\nPrivate Service Connect.\n\n*** ** * ** ***\n\nTo follow step-by-step guidance for this task directly in the\nGoogle Cloud console, click **Guide me**:\n\n[Guide me](https://console.cloud.google.com/freetrial?redirectPath=/?walkthrough_id=data-fusion--configure-private-service-connect)\n\n*** ** * ** ***\n\nBefore you begin\n----------------\n\n- Sign in to your Google Cloud account. If you're new to Google Cloud, [create an account](https://console.cloud.google.com/freetrial) to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.\n- In the Google Cloud console, on the project selector page,\n select or create a Google Cloud project.\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n\n [Go to project selector](https://console.cloud.google.com/projectselector2/home/dashboard)\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the Cloud Data Fusion, BigQuery, Cloud Storage, and Dataproc APIs.\n\n\n [Enable the APIs](https://console.cloud.google.com/flows/enableapi?apiid=datafusion.googleapis.com,bigquery.googleapis.com,storage.googleapis.com,dataproc.googleapis.com)\n\n- In the Google Cloud console, on the project selector page,\n select or create a Google Cloud project.\n\n | **Note**: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.\n\n [Go to project selector](https://console.cloud.google.com/projectselector2/home/dashboard)\n-\n [Verify that billing is enabled for your Google Cloud project](/billing/docs/how-to/verify-billing-enabled#confirm_billing_is_enabled_on_a_project).\n\n-\n\n\n Enable the Cloud Data Fusion, BigQuery, Cloud Storage, and Dataproc APIs.\n\n\n [Enable the APIs](https://console.cloud.google.com/flows/enableapi?apiid=datafusion.googleapis.com,bigquery.googleapis.com,storage.googleapis.com,dataproc.googleapis.com)\n\n1.\n\n\n Enable the Cloud Data Fusion, BigQuery, Cloud Storage, and Dataproc APIs.\n\n\n [Enable the APIs](https://console.cloud.google.com/flows/enableapi?apiid=datafusion.googleapis.com,bigquery.googleapis.com,storage.googleapis.com,dataproc.googleapis.com)\n2. Get the roles and permissions required to create a network attachment and a Cloud Data Fusion instance. For more information, see [Required roles and permissions](/data-fusion/docs/how-to/configure-private-service-connect#roles-permissions).\n3. Make sure that you have created a [VPC](/vpc/docs/create-modify-vpc-networks#creating_networks) or a [Shared VPC](/vpc/docs/provisioning-shared-vpc#setting_up_shared_vpc) network.\n\nCreate a private instance with Private Service Connect\n------------------------------------------------------\n\n1. Go to the Cloud Data Fusion **Instances** page, and click **Create instance**.\n\n\n [Create an instance](https://console.cloud.google.com/data-fusion/instance-create)\n\n \u003cbr /\u003e\n\n \u003cbr /\u003e\n\n2. In the **Instance name** field, enter a name for your new instance.\n\n3. In the **Description** field, enter a description for your instance.\n\n4. From the **Region** drop-down, select the Google Cloud region in which you\n want to create the instance.\n\n5. From the **Version** drop-down, select `6.10` or later.\n\n6. Select an **Edition**.\n\n7. Expand **Advance options** and do the following:\n\n 1. Select **Enable private IP**.\n\n 2. For **Connectivity type** , select **Private Service Connect**.\n\n | **Note:** The option to select the connectivity type appears only if you selected a Cloud Data Fusion version that supports Private Service Connect.\n 3. From the **Network attachment** drop-down, select a network attachment.\n\n If a network attachment is not present, create a new one:\n 1. Click **Create network attachment**.\n 2. In the **Name** field, enter a name for your network attachment.\n 3. From the **Network** drop-down, select a VPC or a Shared VPC network.\n 4. The **Region** field is auto-updated. Its value is same as the the Cloud Data Fusion instance. You can't edit this field.\n 5. From the **Subnetwork** drop-down, select a subnetwork range.\n\n | **Note:** The provisioning of a secondary range for a subnet isn't required for Cloud Data Fusion. Each Cloud Data Fusion instance requests up to 32 IP addresses from the network attachment. Ensure that the subnet has enough IP addresses to support the number of Cloud Data Fusion instances that you plan to create.\n 6. For **Connection preference** , the option\n **Accept connections for selected projects** is auto-selected.\n\n When you create the Cloud Data Fusion instance, the\n Cloud Data Fusion tenant project is automatically added to the\n **Accepted projects** list.\n\n\n Note: The option **Automatically accept connections for all projects**\n is less secure because it allows any service to obtain IP addresses from\n your subnet.\n 7. Click **Create**.\n\n 8. On the **Create instance** page, from the **Network attachment**\n drop-down, select the newly created network attachment.\n\n8. Click **Create**. It takes up to 30 minutes for the instance creation\n process to complete.\n\nClean up\n--------\n\n\nTo avoid incurring charges to your Google Cloud account for\nthe resources used on this page, follow these steps.\n\n### Delete the Cloud Data Fusion instance\n\nFollow these instructions to\n[delete your Cloud Data Fusion instance](/data-fusion/docs/how-to/delete-instance).\n\n### Delete the project\n\n\nThe easiest way to eliminate billing is to delete the project that you\ncreated for the tutorial.\n\nTo delete the project:\n\n| **Caution** : Deleting a project has the following effects:\n|\n| - **Everything in the project is deleted.** If you used an existing project for the tasks in this document, when you delete it, you also delete any other work you've done in the project.\n| - **Custom project IDs are lost.** When you created this project, you might have created a custom project ID that you want to use in the future. To preserve the URLs that use the project ID, such as an `appspot.com` URL, delete selected resources inside the project instead of deleting the whole project.\n|\n|\n| If you plan to explore multiple architectures, tutorials, or quickstarts, reusing projects\n| can help you avoid exceeding project quota limits.\n1. In the Google Cloud console, go to the **Manage resources** page.\n\n [Go to Manage resources](https://console.cloud.google.com/iam-admin/projects)\n2. In the project list, select the project that you want to delete, and then click **Delete**.\n3. In the dialog, type the project ID, and then click **Shut down** to delete the project.\n\n\u003cbr /\u003e\n\n\u003cbr /\u003e\n\nWhat's next\n-----------\n\n- [Create your first pipeline](/data-fusion/docs/tutorials/targeting-campaign-pipeline).\n- Learn more about [Private Service Connect](/data-fusion/docs/how-to/configure-private-service-connect) in Cloud Data Fusion."]]
