VPC Service Controls protect your projects from data exfiltration by creating a perimeter that only allows access to authorized networks. For example, VPC Service Controls can prevent applications and users from reading data from or copying data to a resource outside the perimeter.
Problem
You need a method to prevent data exfiltration from your Google Cloud resources.
Solution
Using VPC Service Controls, you can limit access to authorized networks only, preventing users from copying data outside the perimeter you define.
- In your Google Cloud Console, open Security and choose VPC Service Controls.
- Make sure you have chosen an organization rather than a project. VPC Service Controls are set at the organization level.
- Click New Perimeter.
- On the New VPC Service Perimeter page, enter a name for the perimeter.
- Select the projects that you want to secure within the perimeter:
  - Click the Add Projects button.
  - Select that project’s checkbox.
- Select the services you want to secure.
- Click Save.
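
The same perimeter can be scripted with `gcloud access-context-manager perimeters create`. The helper below is an added example, not part of the original recipe: it checks the inputs that most often break the call (the CLI expects project numbers, not project IDs, and full service hostnames) and prints the command to run. The function names, the policy ID, project numbers, perimeter name and the name check are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build the gcloud equivalent of the console steps above.
# All IDs and names used here are constructed placeholders.

# is_digits STR: succeed only if STR is a non-empty run of decimal digits.
is_digits() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
}

# build_perimeter_cmd POLICY_ID NAME PROJECT_NUMBERS_CSV SERVICES_CSV
# Prints the gcloud command for a regular perimeter; non-zero status on bad input.
# The body runs in a subshell so the IFS and globbing changes stay local.
build_perimeter_cmd() (
  policy=$1; name=$2; projects=$3; services=$4; resources=
  set -f; IFS=,

  is_digits "$policy" || { echo "access policy must be a numeric ID" >&2; exit 1; }

  # Conservative name check (assumption): starts with a letter, then
  # letters, digits or underscores only.
  case $name in
    [A-Za-z]*) ;;
    *) echo "perimeter name must start with a letter" >&2; exit 1 ;;
  esac
  case $name in
    *[!A-Za-z0-9_]*) echo "perimeter name: letters, digits, _ only" >&2; exit 1 ;;
  esac

  # Perimeter resources are written as projects/<project number>.
  for p in $projects; do
    is_digits "$p" || { echo "use the project number, not the ID: $p" >&2; exit 1; }
    resources="${resources:+$resources,}projects/$p"
  done
  [ -n "$resources" ] || { echo "no projects given" >&2; exit 1; }

  # Restricted services are full API hostnames such as storage.googleapis.com.
  [ -n "$services" ] || { echo "no services given" >&2; exit 1; }
  for s in $services; do
    case $s in
      *[!a-z0-9.-]*|.*) echo "bad service name: $s" >&2; exit 1 ;;
      *?.googleapis.com) ;;
      *) echo "bad service name: $s" >&2; exit 1 ;;
    esac
  done

  echo "gcloud access-context-manager perimeters create $name --title=$name --perimeter-type=regular --resources=$resources --restricted-services=$services --policy=$policy"
)

# Constructed sample values; review the printed command before running it.
build_perimeter_cmd 123456789 prod_data_perimeter 111111111111 storage.googleapis.com
```

The access policy ID for an organization can be looked up with `gcloud access-context-manager policies list --organization=ORG_ID`.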