Use VPC Service Controls with Memorystore for Memcached

You can protect your Memorystore for Memcached instances using VPC Service Controls.

VPC Service Controls protect against data exfiltration and provide an extra layer of security for your instances. For more information about VPC Service Controls, see Overview of VPC Service Controls.

Once the Memorystore for Memcached API is protected by your service perimeter, Memorystore for Memcached API requests coming from clients outside of the perimeter must have the proper access level rules.

Protecting your Memcached instances using VPC Service Controls

  1. Create a service perimeter.

  2. Add the Memorystore for Memcached API to your service perimeter. For instructions on adding a service to your service perimeter, see Updating a service perimeter.

Configuration requirements

If you use both Shared VPC and VPC Service Controls, you must have the host project that provides the network and the service project that contains the Memcached instance inside the same perimeter in order for Memcached requests to succeed. Otherwise, requests between the service project instance and the host project network are be blocked by the VPC Service Controls service perimeter.

At any time, separating the host project and service project with a perimeter can cause a Memcached instance failure, in addition to blocked requests.

Limitations of VPC Service Controls for Memcached instances

For a list of VPC Service Controls limitations for Memorystore, see Supported products and limitations

What's next