home

Reltio

ReltioProductsDeveloper resourcesRolesApplicationsObjectives
ReltioProductsDeveloper resourcesRolesApplicationsObjectives

Unify and manage your data

Show Contents

thumbnailReltio

Configuring Google Cloud Private Service Connect

Set up Google Cloud Private Service Connect for Reltio

Learn how to set up Google Cloud Private Service Connect so that your Google Cloud VPC can access Reltio services through a private endpoint.

Use Google Cloud Private Service Connect, also known as PSC, to connect your Google Cloud Virtual Private Cloud (VPC) network to Reltio services through a private endpoint. Reltio provides a service attachment URI for your environment, and you create a PSC endpoint in your VPC that targets that service attachment.

Prerequisites

Before you begin, make sure the following prerequisites are met:

  • A Reltio environment URL, such as example-prod.reltio.com.
  • A Google Cloud project with an available VPC network and subnet.
  • A subnet in the same Google Cloud region as the Reltio service attachment.
  • Permissions to create PSC endpoints, reserve internal IP addresses, and manage VPC networking.
  • Permissions to create private DNS zones and DNS records.
  • The Compute Engine API, Service Directory API, and Cloud DNS API enabled in your Google Cloud project.

Submit a support request or contact your Customer Success Manager to enable Google Cloud Private Service Connect for your Reltio environment.

Include the following information in your request:

  • Your Google Cloud Project ID.
  • The Reltio environment hostname that you want to access privately, such as <environment-name>.reltio.com.
  • The tenant ID associated with the environment.
  • The Google Cloud VPC or network context where you plan to create the PSC endpoint.
  • The Google Cloud region where you plan to create the PSC endpoint.

Reltio enables Private Link access for your environment and shares the PSC service attachment URI with you through the support request. The service attachment URI uses the following format:

projects/SERVICE_PROJECT/regions/REGION/serviceAttachments/SERVICE_NAME

Create a Private Service Connect endpoint

In the Google Cloud Console, create a PSC endpoint that targets the service attachment URI provided by Reltio. To create a PSC endpoint, perform the following steps:

  1. Sign in to the Google Cloud Console.
  2. Go to Private Service Connect.
  3. Select the Connected endpoints tab.
  4. Click Connect endpoint.
  5. For Target, select Published service.
  6. For Target service, enter the PSC service attachment URI provided by Reltio.
  7. For Endpoint name, enter a recognizable name for the endpoint.
  8. Select the VPC network for the endpoint.
  9. Select the subnetwork for the endpoint. The region is populated based on the selected subnetwork.
  10. Select an IP address for the endpoint. To reserve a new IP address, select Create IP address, enter the required address details, and click Reserve.
  11. Leave Enable global access cleared unless Reltio confirms that the published service supports global access.
  12. Select an existing namespace or create a namespace for the endpoint.
  13. Click Add endpoint.
  14. Copy the endpoint IP address. You use this value when you create the private DNS record.

For details on each endpoint parameter, see Access published services through endpoints in the Google Cloud documentation.

Confirm endpoint approval

In Google Cloud, confirm that the endpoint connection is accepted before you validate application access. To validate, perform the following steps:

  1. Go to Private Service Connect.
  2. Select the Connected endpoints tab.
  3. Open the endpoint that you created.
  4. Confirm that the connection status is Accepted.

An Accepted status means that the Private Service Connect connection is accepted by the producer and permitted by configuration. This status does not guarantee that traffic can flow through the connection.

Configure firewall and routing

Configure your Google Cloud network so client workloads reaches the PSC endpoint IP address from the required networks.

Review and update the following network settings as needed:

  • Egress firewall rules and firewall policies that apply to the client workloads.
  • Traffic permissions from the required client networks to the internal IP address of the PSC endpoint.
  • Routing from client workloads to the VPC network or Shared VPC network where the PSC endpoint was created.
  • Any egress controls, monitoring, or network policies required by your organization.

Your organization manages firewall rules, routing policies, DNS configuration, and endpoint lifecycle in your Google Cloud environment.

Create private DNS records

In Cloud DNS, create private DNS records so requests from your VPC resolve the Reltio environment hostname to the PSC endpoint IP address. To create a private DNS record, perform the following steps:

  1. In the Google Cloud Console, go to the Create a DNS zone page.
  2. For Zone type, select Private.
  3. Enter a zone name that follows your organization’s naming standards.
  4. For DNS name, enter a DNS suffix that covers the Reltio environment hostname.

    Optional: Enter a description.

  5. Under Options, select Default (private).
  6. Select the VPC networks that must be able to resolve the private DNS record.
  7. Click Create.
  8. Open the private DNS zone that you created.
  9. Click Add standard.
  10. For DNS name, enter the record name that completes the Reltio environment hostname.
  11. For Resource Record Type, select A.
  12. For TTL, enter the time to live value required by your organization, such as 300 seconds.
  13. For IPv4 Address, enter the PSC endpoint IP address.
  14. Click Create.

For example, if your environment URL is example-prod.reltio.com and your private zone is reltio.com, the A record should resemble the following structure:

Name: example-prod
Type: A
TTL: 300
IP address: <private-endpoint-ip>

If your private zone uses the exact environment hostname, such as example-prod.reltio.com, create the A record at the zone apex by leaving the DNS name field blank.

For details on private zones and DNS records, see Create, modify, and delete zones and Add, update, and delete records in the Google Cloud documentation.

Validate private access

From a VM or client system that uses the private DNS zone and can reach the PSC endpoint, validate DNS resolution and HTTPS access to the Reltio environment URL.

If global access is not enabled for the endpoint, validate from a client in the same region as the endpoint. Enable global access only if Reltio confirms that the published service supports it.

From the validation system, run the following command:

nslookup example-prod.reltio.com

The output returns the PSC endpoint IP address, like:

Name:    example-prod.reltio.com
Address: <private-endpoint-ip>

After DNS resolves to the PSC endpoint IP address, access the Reltio environment URL over HTTPS using your standard browser, client application, or approved network validation tool.

If the endpoint status is Accepted but traffic does not reach the Reltio environment, contact Reltio Support.

Result

After completing these steps, your Google Cloud network is ready to access the Reltio Platform through Private Service Connect. Traffic from the configured VPC networks resolves the Reltio environment hostname to the PSC endpoint IP address and reaches Reltio through the private endpoint.

After setup is complete, your organization owns the PSC endpoint lifecycle in Google Cloud, including updates, DNS changes, firewall changes, and decommissioning. For more information about Private Service Connect concepts, see Private Service Connect in the Google Cloud documentation.

Updated on May 8, 2026

Footer

You've found your way to a temporary environment. Content is not complete or final. Looking for Reltio documentation? Go to docs.reltio.com.

© 2026 The RELTIO® mark is a registered trademark of Reltio, Inc. in the United States and other countries; DataDriven, Reltio Context Intelligence Platform and Reltio Data Cloud are trademarks of Reltio, Inc. Other names or marks are trademarks of their respective owners.

Terms and Conditions, Privacy Policy, and