We have an application running on Google App Engine. This application needs to connect to either Kubernetes or Compute Engine.
We can't allow this traffic through public Internet. How could we access to Kubernetes, or Compute Engine networks from App Engine, as safe as possible?
This can be achieved using App Engine Flexible [1] as the environment for the service. Configure the service's app.yaml file network settings [2] so it has the same network and subnetwork as the Compute Engine instance or Kubernetes cluster. Use the private IP for the communication.