Create a HA VPN between the two VPCs that includes the PUPI ranges in the Custom Route Advertisements of the Cloud Router. Create the necessary ingress VPC firewall rules that target the specific resources by using network tags as the source filter.

Create a HA VPN between the two VPCs that includes the PUPI ranges in the Custom Route Advertisements of the Cloud Router. Create the necessary ingress VPC firewall rules that target the specific resources by using IP ranges as the source filter.

Create a VPC Peering between the two VPCs that allows the export and import of custom routes. Create the necessary ingress VPC firewall rules that target the specific resources by using service accounts as the source filter.

Create a VPC Peering between the two VPCs that allows the export and import of subnet routes with public IP addresses. Create the necessary ingress VPC firewall rules that target the specific resources by using IP ranges as the source filter.