- You'll need to setup a GCP network/subnetwork and obtain some access creds in the json format. All boxes on there should be internal only
- You'll then need to create a jumpbox/bastion (as per this design) with a static ip that has public access. Exposing a firewall rule to allow ssh (port 22, tcp), also setup automatic, unattended security updates
- To allow bosh to route through this "bastion" you'll need to run the following at the commandline
# -D : the local SOCKS5 port
# -f : forks the process in the background
# -C : compresses the data before sending
# -q : quiet mode (wrt the ssh output)
# -N : Tells SSH that no command will be sent once the tunnel is up