At work, I tried to put a source-IP restriction on a certain Google API key and found that the setting would not take effect no matter what I did. Tracing the cause led me to Cloud Run's network path, specifically the behavior of Private Google Access (PGA).

Since other people are likely to hit the same thing, I'm writing this down as a memo for myself. I hope it helps anyone in a similar situation.

What happened

What I wanted to do was put a source-IP restriction on a Google API key, to limit the damage in case the key leaked. I figured "I'll just allow-list Cloud Run's egress IP," but the restriction had no effect: nothing was blocked. Cloud NAT's static IP was on the allow list, and yet for some reason the setting never took hold.

Cutting to the conclusion: on a subnet with PGA enabled, traffic destined for Google APIs does not go through Cloud NAT at all, so those requests never leave from the static NAT IP that was on the allow list. That was the cause.