Network security by integrating mutual attestation
US-2020320199-A1 · Oct 8, 2020 · US
US11374792B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11374792-B2 |
| Application number | US-202016993973-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 14, 2020 |
| Priority date | Aug 14, 2020 |
| Publication date | Jun 28, 2022 |
| Grant date | Jun 28, 2022 |
Abstract
Techniques for utilising multiple network interfaces for a cloud shell are provided. The techniques include receiving, by a computer system, a command to execute an operation by the computer system, the command being received from a router via a primary virtual network interface card (vNIC). The computer system may execute the operation, generating an output of the operation. The techniques also include transmitting, by the computer system, a message comprising the output of the operation to a shell subnet via a secondary vNIC, the secondary vNIC being configured for unidirectional transmission from the computer system to the shell subnet. The shell subnet may be configured to transmit the output of the operation to an external network via a network gateway.
Claims

What is claimed is:

1. A method, comprising: receiving, by virtual machine instance in a private tenancy of a first virtual cloud network, a command to execute an operation on a cloud resource of the virtual cloud network, the command being received from a router via a primary virtual network interface card (vNIC) configured to restrict outgoing traffic from the virtual machine instance; executing, by the virtual machine instance, the operation on the cloud resource; generating, by the virtual machine instance, an output of the execution of the operation on the cloud resource; and transmitting, by the virtual machine instance, a message comprising the output of the execution of the operation to a computing device on a public network different from the virtual cloud network via a secondary virtual network interface card, the secondary virtual network interface card being configured to restrict all incoming traffic to the virtual machine instance, wherein the secondary virtual network interface card is configured to transmit the output of the operation to the computing device on the public network outside of the virtual cloud network via a network gateway.

2. The method of claim 1, wherein the operation is requested by a user of a user device, and the generating the output of the operation comprises: generating a return message for the user device; and transmitting the return message to the router via the primary virtual network interface card, wherein the primary virtual network interface card is configured to: accept the return message for the user device; and reject the message comprising the output of the execution of the operation.

3. The method of claim 1 wherein the router is in a second virtual cloud network, the second virtual cloud network being different from the first virtual cloud network but also implemented in the private tenancy.

4. The method of claim 1 wherein the network gateway is in a third virtual cloud network, the third virtual cloud network being different from the first virtual cloud network and being implemented outside the private tenancy.

5. The method of claim 4, wherein: the private tenancy is associated with a first block of IP addresses attributable to network traffic from the private tenancy; a second tenancy outside of the private tenancy is associated with a second block of IP addresses, the second block of IP addresses being different from the first block of IP addresses; and the second block of IP addresses being attributable to network traffic from one or more users of the virtual machine instance.

6. The method of claim 1, wherein the network gateway comprises a network address translation (NAT) gateway, being configured to transmit messages using an IP address of a block of IP addresses attributable to network traffic from one or more users of the virtual machine instance.

7. A computer system, comprising: one or more processors; a memory in communication with the one or more processors, the memory configured to store computer-executable instructions, wherein executing the computer-executable instructions causes the one or more processors to perform steps comprising: receiving, by a virtual machine instance in a private tenancy of a first virtual cloud network, a command to execute an operation on a cloud resource of the virtual cloud network, the command being received from a router via a primary virtual network interface card (vNIC) configured to restrict outgoing traffic from the virtual machine instance; executing, by the virtual machine instance, the operation on the cloud resource; generating, by the virtual machine instance, an output of the execution of the operation on the cloud resource; and transmitting, by the virtual machine instance, a message comprising the output of the execution of the operation to a shell subnet computing device on a public network different from the virtual cloud network via a secondary virtual network interface card, the secondary virtual network interface card being configured to restrict all incoming traffic to the virtual machine instance, wherein the secondary virtual network interface card is configured to transmit the output of the operation to the computing device on the public network outside of the virtual cloud network via a network gateway.

8. The system of claim 7, wherein the operation is requested by a user of a user device, and the generating the output of the operation comprises: generating a return message for the user device; and transmitting the return message to the router via the primary virtual network interface card, wherein the primary virtual network interface card is configured to: accept the return message for the user device; and reject the message comprising the output of the execution of the operation.

9. The system of claim 7, wherein the router is in a second virtual cloud network, the second virtual cloud network being different from the first virtual cloud network but also implemented in the private tenancy.

10. The system of claim 7, wherein the network gateway is in a third virtual cloud network, the third virtual cloud network being different from the first virtual cloud network and being implemented outside the private tenancy.

11. The system of claim 10, wherein: the private tenancy is associated with a first block of IP addresses attributable to network traffic from the private tenancy; a second tenancy outside of the private tenancy is associated with a second block of IP addresses, the second block of IP addresses being different from the first block of IP addresses; and the second block of IP addresses being attributable to network traffic from one or more users of the virtual machine instance.

12. The system of claim 7, wherein the network gateway comprises a network address translation (NAT) gateway, being configured to transmit messages using an IP address of a block of IP addresses attributable to network traffic from one or more users of the virtual machine instance.

13. A non-transitory computer-readable storage medium, storing computer-executable instructions that, when executed, cause one or more processors of a computer system to perform steps comprising: receiving, by a virtual machine instance in a private tenancy of a first virtual cloud network, a command to execute an operation on a cloud resource of the virtual cloud network, the command being received from a router via a primary virtual network interface card (vNIC) configured to restrict outgoing traffic from the virtual machine instance; executing, by the virtual machine instance, the operation on the cloud resource; generating, by the virtual machine instance, an output of the execution of the operation on the cloud resource; and transmitting, by the virtual machine instance, a message comprising the output of the execution of the operation to a shell subnet computing device on a public network different from the virtual cloud network via a secondary virtual network interface card, the secondary virtual network interface card being configured to restrict all incoming traffic to the virtual machine instance, wherein the secondary virtual network interface card is configured to transmit the output of the operation to the computing device on the public network outside of the virtual cloud network via a network gateway.

14. The non-transitory computer-readable storage medium of claim 13, wherein the operation is requested by a user of a user device, and the generating the output of the operation comprises: generating a return message for the user device; and transmitting the return message to the router
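The abstract and claims 1 and 2 describe a split-interface design: the primary vNIC admits commands from the router and only lets a short return message back out, while the secondary vNIC carries the full operation output one way toward the shell subnet and admits nothing inbound. The following Python model is an added example, not code from the patent or from any cloud provider; the message kinds (COMMAND, RETURN, OUTPUT), the interface names, the `router`/`public` source labels and the policy tables are modelling assumptions. It routes a constructed command through the two interfaces, logs each accept/drop decision, and includes an audit that checks a policy pair for the two properties the claims require.

```python
"""Model of the split-interface cloud shell VM from the abstract and claims 1-2.

Added example (not part of the patent): message kinds, interface names and
the policy tables are modelled assumptions, not any cloud provider's API.
"""
from dataclasses import dataclass, field
from enum import Enum, auto


class Direction(Enum):
    INBOUND = auto()
    OUTBOUND = auto()


class MsgKind(Enum):
    COMMAND = auto()  # operator command forwarded by the router
    RETURN = auto()   # short return message for the user device (claim 2)
    OUTPUT = auto()   # full output of the executed operation (claim 1)


@dataclass(frozen=True)
class Packet:
    direction: Direction
    kind: MsgKind
    src: str
    dst: str
    payload: str = ""


@dataclass
class Vnic:
    name: str
    # (direction, kind) pairs this interface forwards; everything else is dropped
    allow: frozenset
    log: list = field(default_factory=list)

    def filter(self, pkt: Packet) -> bool:
        ok = (pkt.direction, pkt.kind) in self.allow
        self.log.append((self.name, pkt.direction.name, pkt.kind.name,
                         "ACCEPT" if ok else "DROP"))
        return ok


def build_shell_vm():
    """Primary vNIC: commands in, return messages out.
    Secondary vNIC: operation output out, nothing in."""
    primary = Vnic("primary", frozenset({
        (Direction.INBOUND, MsgKind.COMMAND),
        (Direction.OUTBOUND, MsgKind.RETURN),
    }))
    secondary = Vnic("secondary", frozenset({
        (Direction.OUTBOUND, MsgKind.OUTPUT),
    }))
    return primary, secondary


def receive(primary, secondary, pkt):
    """Inbound traffic: the router reaches the primary vNIC; anything from the
    public side (shell subnet / NAT gateway) can only hit the secondary."""
    nic = primary if pkt.src == "router" else secondary
    return nic.filter(pkt)


def send(primary, secondary, pkt):
    """Offer an outbound packet to each interface in turn; return the name of
    the one that forwards it, or None if both drop it."""
    for nic in (primary, secondary):
        if nic.filter(pkt):
            return nic.name
    return None


def handle_command(primary, secondary, cmd):
    """Run one command end to end and report which interface carried each
    result message. Returns None if the command itself was dropped."""
    if not receive(primary, secondary, cmd):
        return None
    result = f"output of {cmd.payload}"  # constructed stand-in for the real operation
    ret = Packet(Direction.OUTBOUND, MsgKind.RETURN, "vm", "router", "accepted")
    out = Packet(Direction.OUTBOUND, MsgKind.OUTPUT, "vm", "shell-subnet", result)
    return {"return_via": send(primary, secondary, ret),
            "output_via": send(primary, secondary, out)}


def audit(primary, secondary):
    """Check a policy pair for the two properties the claims require: the
    secondary vNIC admits nothing inbound, and the operation output never
    leaves through the primary vNIC. Returns the list of violations."""
    violations = []
    for direction, kind in sorted(secondary.allow, key=lambda t: (t[0].name, t[1].name)):
        if direction is Direction.INBOUND:
            violations.append(f"{secondary.name} admits inbound {kind.name}")
    if (Direction.OUTBOUND, MsgKind.OUTPUT) in primary.allow:
        violations.append(f"{primary.name} forwards OUTPUT")
    return violations


if __name__ == "__main__":
    p, s = build_shell_vm()
    cmd = Packet(Direction.INBOUND, MsgKind.COMMAND, "router", "vm", "list-buckets")
    print(handle_command(p, s, cmd))
    print(receive(p, s, Packet(Direction.INBOUND, MsgKind.COMMAND, "public", "vm", "probe")))
    print(audit(p, s))
    for entry in p.log + s.log:
        print(entry)
```

Running the module shows the return message leaving on `primary`, the output being dropped by `primary` and then forwarded by `secondary`, and an inbound packet from the public side being dropped. The `audit` function is the check a reviewer of such a deployment would want to automate: it flags a secondary interface that admits any inbound kind, and a primary interface that would let the operation output out through the command path.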
CPC classifications:

- Internet protocol [IP] address subnets
- NAT traversal
- Virtual LANs, VLANs, e.g. virtual private networks [VPN] (LAN interconnection over a bridge based backbone H04L12/462; encapsulation techniques H04L12/4633; routing of packets H04L45/00; packet switches H04L49/00; virtual private networks for security H04L63/0272)
- Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
- between local and global IP addresses