使用 VPC Service Controls,您可以控制 Sensitive Data Protection 访问数据的方式。利用 VPC Service Controls,您可以定义项目和资源(包括 Sensitive Data Protection 资源)的安全边界。这样,您就可以控制与 Sensitive Data Protection 的通信以及 Sensitive Data Protection 与其他 Google Cloud 服务之间的通信。
VPC Service Controls 可为您的Google Cloud 资源提供额外的安全保障,有助于降低数据渗漏的风险。使用 VPC Service Controls,您可以将项目添加到服务边界,从而防止资源和服务受到源自边界外部的请求的影响。
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-09-04。"],[],[],null,["# Securing Sensitive Data Protection resources\n\nUsing VPC Service Controls, you can control how Sensitive Data Protection accesses your\ndata. VPC Service Controls enables you to define a security perimeter around\nyour projects and resources, including Sensitive Data Protection resources. This\nlets you control communication to Sensitive Data Protection and between\nSensitive Data Protection and other Google Cloud services.\n\nVPC Service Controls provides additional security for your\nGoogle Cloud resources to help mitigate the risk of data exfiltration.\nUsing VPC Service Controls, you can add projects to service perimeters that\nprotect resources and services from requests that originate outside the\nperimeter.\n\nTo learn more about service perimeters, see the [Service perimeter\nconfiguration page](/vpc-service-controls/docs/service-perimeters) in the\n[VPC Service Controls documentation](/vpc-service-controls/docs/overview).\n\nSet up a service perimeter around Sensitive Data Protection\n-----------------------------------------------------------\n\nTo learn how to set up a new service perimeter to prohibit external access to\nSensitive Data Protection resources, follow the instructions in [Creating a service\nperimeter](/vpc-service-controls/docs/create-service-perimeters). Be aware of\nthe following Sensitive Data Protection-specific options:\n\n- When you're asked to add the projects that you want to secure, select the project (or projects) that contains the Sensitive Data Protection resources that you want to protect.\n- When you're asked to specify the services that you want to secure within the perimeter, type `dlp` into the **Filter services** field, and then choose **Sensitive Data Protection** from the list.\n\n| **Note:** When you secure Sensitive Data Protection inside a service perimeter, be aware that any services that Sensitive Data Protection interacts with will need to be secured within the same perimeter."]]