GCP VPC Network subnets have Private Google access disabled

Description

Enabling Private Google Access for IPv6 can help improve the security of your Google Cloud Platform (GCP) resources by allowing them to access Google APIs and services over IPv6 networks, rather than over the public internet. This can help reduce the risk of your traffic being intercepted or tampered with, as it is routed through Google's private network. Additionally, Private Google Access can help improve the performance and reliability of your GCP resources by reducing network latency and eliminating the need to route traffic through third-party networks.

Fix - Runtime

Fix - Buildtime

Terraform

resource "google_compute_subnetwork" "pass_bidi" {
  name             = "log-test-subnetwork"
  ip_cidr_range    = "10.2.0.0/16"
  stack_type       = "IPV4_IPV6"
  ipv6_access_type = "EXTERNAL"
  region           = "us-central1"
  network          = google_compute_network.custom-test.id
  # purpose="INTERNAL_HTTPS_LOAD_BALANCER" if set ignored
  # log_config {
  #   metadata="EXCLUDE_ALL_METADATA"
  # }
  private_ip_google_access   = true
  private_ipv6_google_access = "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE"
}