VPC Service Controls can help you mitigate the risk of data exfiltration from Dialogflow. Use VPC Service Controls to create a service perimeter that protects the resources and data that you specify. For example, when you use VPC Service Controls to protect Dialogflow, the following artifacts cannot leave your service perimeter:
- Agent data
- Detect intent requests and responses
The following limitations apply:
- Service Directory is not supported.
- When VPC Service Controls is enabled, webhook calls are blocked.
Service perimeter creation
When you create a service perimeter,
include Dialogflow (
dialogflow.googleapis.com) as a protected service.
You aren't required to include any additional services
for Dialogflow to function.
However, Dialogflow won't be able to reach resources outside the perimeter,
such as files in a Cloud Storage bucket that is outside the perimeter.
For more information about creating a service perimeter, see Creating a service perimeter in the VPC Service Controls documentation.