Defining a perimeter for Confidential VM instances

Using a combination of Shared Virtual Private Cloud (VPC) networks, organization policy constraints, and firewall rules, you can set up a security perimeter that ensures your Confidential VM instances can only interact with other Confidential VM instances. This security perimeter can be established around Confidential VM instances that reside inside the same project or in separate projects.

Before you begin

To create a security perimeter, you need the following administrative roles:

  • Organization Admin (resourcemanager.organizationAdmin)
  • Shared VPC Admin (compute.xpnAdmin and resourcemanager.projectIamAdmin)
  • Service Project Admin (compute.networkUser)

To learn more about these roles, see Required administrative roles in the Shared VPC overview.

Create a Confidential VM perimeter

To create a security perimeter around your Confidential VM instances, do the following:

  1. Create a folder under the organization called confidential-perimeter that defines your Confidential VM perimeter.
  2. Inside the folder, create a shared VPC host project that defines the perimeter for Confidential Computing.

Once you've created a VPC host project, share the project by granting your networking team access.

Enforce the perimeter

To prevent service projects from allowing non-Confidential VM instances from interacting with the perimeter, apply the following organization policy constraints to your confidential-perimeter folder as indicated:

Constraint Set to Description
constraints/compute.restrictNonConfidentialComputing deny This forces all service projects to create Confidential VM instances only.
constraints/compute.restrictSharedVpcHostProjects under: FOLDER_ID This prevents projects inside the perimeter from creating another Shared VPC host project. Replace FOLDER_ID with the actual [identifier](/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects) of your confidential-perimeter folder.
constraints/compute.restrictVpcPeering is: [] This prevents service projects from peering network and network connections outside of the perimeter.
constraints/compute.vmExternalIpAccess is: [] This forces all Confidential VM instances in service projects to use internal IPs.
constraints/compute.restrictLoadBalancerCreationForTypes allowedValues: ["INTERNAL_TCP_UDP", "INTERNAL_HTTP_HTTPS",] This prevents all VM instances from defining an Internet-visible ingress point. You may override this for specific projects in your perimeter that should have ingress—for example, your DMZ.

To control the allowed network egress outside of the perimeter, use VPC firewall rules.

What's next

You can use VPC Service Controls to extend the security perimeter to cover Google Cloud resources. To learn more, see Overview of VPC Service Controls.