You need to connect your on-premises network to an existing Google Cloud environment that has a Shared VPC with two subnets named Production and Non-Production. The solution must:

• Use a private transport link.
• Configure access to Google Cloud APIs through private endpoints from on-premises.
• Ensure Google Cloud APIs are only accessible via VPC Service Controls.

What should you do?