Firewall
Google Cloud NetApp Volumes exposes multiple TCP ports to serve NFS and SMB shares:
Additionally, SMB, NFS with LDAP including Kerberos, and dual-protocol configurations require access to a Windows Active Directory domain. Active Directory connections must be configured on a per-region basis. Active Directory Domain controllers (DC) are identified by using DNS-based DC discovery using the specified DNS servers. Any of the DCs returned are used. The list of eligible DCs can be limited by specifying an Active Directory site.
Google Cloud NetApp Volumes reaches out with IP addresses from the CIDR range allocated with the gcloud compute address
command while on-boarding the Google Cloud NetApp Volumes. You can use this CIDR as source addresses to configure inbound firewalls to your Active Directory domain controllers.
Active Directory Domain Controllers must expose ports to the Google Cloud NetApp Volumes CIDRs as mentioned here.