Supported products by control package

The following table lists products and services that are supported by Sovereign Controls by Partners for each control package. If a service is not listed for a given control package, that service is unsupported and has not met the control requirements for the control package. Unsupported products are not recommended for use by Sovereign Controls by Partners customers without due diligence and a thorough understanding of your responsibilities in the shared responsibility model. Unsupported products may share an API endpoint with supported products, making them available to all users.


Control package Supported products Global API endpoints 1
Local Controls by S3NS
Access Transparency accessapproval.googleapis.com
Artifact Registry artifactregistry.googleapis.com
BigQuery [2] bigquery.googleapis.com
bigqueryconnection.googleapis.com
bigquerydatapolicy.googleapis.com
bigquerydatatransfer.googleapis.com
bigqueryreservation.googleapis.com
bigquerystorage.googleapis.com
Bigtable bigtable.googleapis.com
bigtableadmin.googleapis.com
Cloud Composer composer.googleapis.com
Compute Engine compute.googleapis.com
Sensitive Data Protection dlp.googleapis.com
Dataflow dataflow.googleapis.com
datapipelines.googleapis.com
Dataproc dataproc-control.googleapis.com
dataproc.googleapis.com
Cloud DNS dns.googleapis.com
Filestore file.googleapis.com
GKE Identity Service anthosidentityservice.googleapis.com
Google Cloud Armor compute.googleapis.com
Identity and Access Management (IAM) iam.googleapis.com
Identity-Aware Proxy iap.googleapis.com
Cloud Key Management Service (Cloud KMS) cloudkms.googleapis.com
Cloud HSM cloudkms.googleapis.com
Cloud External Key Manager (Cloud EKM) cloudkms.googleapis.com
Google Kubernetes Engine container.googleapis.com
containersecurity.googleapis.com
Cloud Load Balancing compute.googleapis.com
Cloud Logging logging.googleapis.com
Cloud Monitoring monitoring.googleapis.com
Network Connectivity Center networkconnectivity.googleapis.com
Cloud NAT networkconnectivity.googleapis.com
Cloud Router networkconnectivity.googleapis.com
Cloud Interconnect networkconnectivity.googleapis.com
Organization Policy Service orgpolicy.googleapis.com
Persistent Disk compute.googleapis.com
Pub/Sub pubsub.googleapis.com
Resource Manager cloudresourcemanager.googleapis.com
Resource Settings resourcesettings.googleapis.com
Cloud Run run.googleapis.com
Secret Manager secretmanager.googleapis.com
Service Directory servicedirectory.googleapis.com
Spanner spanner.googleapis.com
Cloud SQL sqladmin.googleapis.com
Cloud Storage storage.googleapis.com
Virtual Private Cloud (VPC) compute.googleapis.com
VPC Service Controls accesscontextmanager.googleapis.com
Cloud VPN compute.googleapis.com
Sovereign-Controls by PSN
Access Transparency accessapproval.googleapis.com
Artifact Registry artifactregistry.googleapis.com
BigQuery [2] bigquery.googleapis.com
bigqueryconnection.googleapis.com
bigquerydatapolicy.googleapis.com
bigquerydatatransfer.googleapis.com
bigqueryreservation.googleapis.com
bigquerystorage.googleapis.com
Bigtable bigtable.googleapis.com
bigtableadmin.googleapis.com
Cloud Composer composer.googleapis.com
Compute Engine compute.googleapis.com
Sensitive Data Protection dlp.googleapis.com
Dataflow dataflow.googleapis.com
datapipelines.googleapis.com
Dataproc dataproc-control.googleapis.com
dataproc.googleapis.com
Cloud DNS dns.googleapis.com
Filestore file.googleapis.com
GKE Identity Service anthosidentityservice.googleapis.com
Google Cloud Armor compute.googleapis.com
Identity and Access Management (IAM) iam.googleapis.com
Identity-Aware Proxy iap.googleapis.com
Cloud Key Management Service (Cloud KMS) cloudkms.googleapis.com
Cloud HSM cloudkms.googleapis.com
Cloud External Key Manager (Cloud EKM) cloudkms.googleapis.com
Google Kubernetes Engine container.googleapis.com
containersecurity.googleapis.com
Cloud Load Balancing compute.googleapis.com
Cloud Logging logging.googleapis.com
Cloud Monitoring monitoring.googleapis.com
Network Connectivity Center networkconnectivity.googleapis.com
Cloud NAT networkconnectivity.googleapis.com
Cloud Router networkconnectivity.googleapis.com
Cloud Interconnect networkconnectivity.googleapis.com
Organization Policy Service orgpolicy.googleapis.com
Persistent Disk compute.googleapis.com
Pub/Sub pubsub.googleapis.com
Resource Manager cloudresourcemanager.googleapis.com
Resource Settings resourcesettings.googleapis.com
Cloud Run run.googleapis.com
Secret Manager secretmanager.googleapis.com
Service Directory servicedirectory.googleapis.com
Spanner spanner.googleapis.com
Cloud SQL sqladmin.googleapis.com
Cloud Storage storage.googleapis.com
Virtual Private Cloud (VPC) compute.googleapis.com
VPC Service Controls accesscontextmanager.googleapis.com
Cloud VPN compute.googleapis.com
Sovereign Controls by SIA/Minsait
Access Transparency accessapproval.googleapis.com
Artifact Registry artifactregistry.googleapis.com
BigQuery [2] bigquery.googleapis.com
bigqueryconnection.googleapis.com
bigquerydatapolicy.googleapis.com
bigquerydatatransfer.googleapis.com
bigqueryreservation.googleapis.com
bigquerystorage.googleapis.com
Bigtable bigtable.googleapis.com
bigtableadmin.googleapis.com
Cloud Composer composer.googleapis.com
Compute Engine compute.googleapis.com
Sensitive Data Protection dlp.googleapis.com
Dataflow dataflow.googleapis.com
datapipelines.googleapis.com
Dataproc dataproc-control.googleapis.com
dataproc.googleapis.com
Cloud DNS dns.googleapis.com
Filestore file.googleapis.com
Identity and Access Management (IAM) iam.googleapis.com
Identity-Aware Proxy iap.googleapis.com
Cloud Key Management Service (Cloud KMS) cloudkms.googleapis.com
Cloud HSM cloudkms.googleapis.com
Cloud External Key Manager (Cloud EKM) cloudkms.googleapis.com
GKE Identity Service anthosidentityservice.googleapis.com
Google Cloud Armor compute.googleapis.com
Google Kubernetes Engine container.googleapis.com
containersecurity.googleapis.com
Cloud Load Balancing compute.googleapis.com
Cloud Logging logging.googleapis.com
Cloud Monitoring monitoring.googleapis.com
Network Connectivity Center networkconnectivity.googleapis.com
Cloud NAT networkconnectivity.googleapis.com
Cloud Router networkconnectivity.googleapis.com
Cloud Interconnect networkconnectivity.googleapis.com
Organization Policy Service orgpolicy.googleapis.com
Persistent Disk compute.googleapis.com
Pub/Sub pubsub.googleapis.com
Resource Manager cloudresourcemanager.googleapis.com
Resource Settings resourcesettings.googleapis.com
Cloud Run run.googleapis.com
Secret Manager secretmanager.googleapis.com
Service Directory servicedirectory.googleapis.com
Spanner spanner.googleapis.com
Cloud SQL sqladmin.googleapis.com
Cloud Storage storage.googleapis.com
Virtual Private Cloud (VPC) compute.googleapis.com
VPC Service Controls accesscontextmanager.googleapis.com
Cloud VPN compute.googleapis.com
Sovereign Controls Advanced by CNTXT
Access Transparency accessapproval.googleapis.com
Artifact Registry artifactregistry.googleapis.com
BigQuery [2] bigquery.googleapis.com
bigqueryconnection.googleapis.com
bigquerydatapolicy.googleapis.com
bigqueryreservation.googleapis.com
bigquerystorage.googleapis.com
Bigtable bigtable.googleapis.com
bigtableadmin.googleapis.com
Compute Engine compute.googleapis.com
Sensitive Data Protection dlp.googleapis.com
Dataflow dataflow.googleapis.com
datapipelines.googleapis.com
Dataproc dataproc-control.googleapis.com
dataproc.googleapis.com
Cloud DNS dns.googleapis.com
Essential Contacts essentialcontacts.googleapis.com
Filestore file.googleapis.com
Cloud Next Generation Firewall compute.googleapis.com
Google Cloud Armor compute.googleapis.com
Identity and Access Management (IAM) iam.googleapis.com
Identity-Aware Proxy iap.googleapis.com
Cloud Key Management Service (Cloud KMS) cloudkms.googleapis.com
Cloud HSM cloudkms.googleapis.com
Cloud External Key Manager (Cloud EKM) cloudkms.googleapis.com
Google Kubernetes Engine container.googleapis.com
containersecurity.googleapis.com
GKE Hub gkehub.googleapis.com
Cloud Load Balancing compute.googleapis.com
Cloud Logging logging.googleapis.com
Cloud Monitoring monitoring.googleapis.com
Network Connectivity Center networkconnectivity.googleapis.com
Cloud NAT networkconnectivity.googleapis.com
Cloud Router networkconnectivity.googleapis.com
Cloud Interconnect networkconnectivity.googleapis.com
Organization Policy Service orgpolicy.googleapis.com
Persistent Disk compute.googleapis.com
Pub/Sub pubsub.googleapis.com
Resource Manager cloudresourcemanager.googleapis.com
Cloud Run run.googleapis.com
Secret Manager secretmanager.googleapis.com
Service Directory servicedirectory.googleapis.com
Spanner spanner.googleapis.com
Cloud SQL sqladmin.googleapis.com
Cloud Storage storage.googleapis.com
Virtual Private Cloud compute.googleapis.com
VPC Service Controls accesscontextmanager.googleapis.com
Cloud VPN compute.googleapis.com
Sovereign Controls Foundation by CNTXT
Access Transparency accessapproval.googleapis.com
Artifact Registry artifactregistry.googleapis.com
BigQuery [2] bigquery.googleapis.com
bigqueryconnection.googleapis.com
bigquerydatapolicy.googleapis.com
bigqueryreservation.googleapis.com
bigquerystorage.googleapis.com
Bigtable bigtable.googleapis.com
bigtableadmin.googleapis.com
Compute Engine compute.googleapis.com
Sensitive Data Protection dlp.googleapis.com
Dataflow dataflow.googleapis.com
datapipelines.googleapis.com
Dataproc dataproc-control.googleapis.com
dataproc.googleapis.com
Cloud DNS dns.googleapis.com
Essential Contacts essentialcontacts.googleapis.com
Filestore file.googleapis.com
Cloud Next Generation Firewall compute.googleapis.com
Google Cloud Armor compute.googleapis.com
Identity and Access Management (IAM) iam.googleapis.com
Identity-Aware Proxy iap.googleapis.com
Cloud Key Management Service (Cloud KMS) cloudkms.googleapis.com
Cloud HSM cloudkms.googleapis.com
Cloud External Key Manager (Cloud EKM) cloudkms.googleapis.com
Google Kubernetes Engine container.googleapis.com
containersecurity.googleapis.com
GKE Hub gkehub.googleapis.com
Cloud Load Balancing compute.googleapis.com
Cloud Logging logging.googleapis.com
Cloud Monitoring monitoring.googleapis.com
Network Connectivity Center networkconnectivity.googleapis.com
Cloud NAT networkconnectivity.googleapis.com
Cloud Router networkconnectivity.googleapis.com
Cloud Interconnect networkconnectivity.googleapis.com
Organization Policy Service orgpolicy.googleapis.com
Persistent Disk compute.googleapis.com
Pub/Sub pubsub.googleapis.com
Resource Manager cloudresourcemanager.googleapis.com
Cloud Run run.googleapis.com
Secret Manager secretmanager.googleapis.com
Service Directory servicedirectory.googleapis.com
Spanner spanner.googleapis.com
Cloud SQL sqladmin.googleapis.com
Cloud Storage storage.googleapis.com
Virtual Private Cloud compute.googleapis.com
VPC Service Controls accesscontextmanager.googleapis.com
Cloud VPN compute.googleapis.com
T-Systems Sovereign Cloud
Access Transparency accessapproval.googleapis.com
Artifact Registry artifactregistry.googleapis.com
BigQuery [2] bigquery.googleapis.com
bigqueryconnection.googleapis.com
bigquerydatapolicy.googleapis.com
bigquerydatatransfer.googleapis.com
bigqueryreservation.googleapis.com
bigquerystorage.googleapis.com
Bigtable bigtable.googleapis.com
bigtableadmin.googleapis.com
Cloud Composer composer.googleapis.com
Compute Engine compute.googleapis.com
Sensitive Data Protection dlp.googleapis.com
Dataflow dataflow.googleapis.com
datapipelines.googleapis.com
Dataproc dataproc-control.googleapis.com
dataproc.googleapis.com
Cloud DNS dns.googleapis.com
Filestore file.googleapis.com
GKE Identity Service anthosidentityservice.googleapis.com
Google Cloud Armor compute.googleapis.com
Identity and Access Management (IAM) iam.googleapis.com
Identity-Aware Proxy iap.googleapis.com
Cloud Key Management Service (Cloud KMS) cloudkms.googleapis.com
Cloud HSM cloudkms.googleapis.com
Cloud External Key Manager (Cloud EKM) cloudkms.googleapis.com
Google Kubernetes Engine container.googleapis.com
containersecurity.googleapis.com
Cloud Load Balancing compute.googleapis.com
Cloud Logging logging.googleapis.com
Cloud Monitoring monitoring.googleapis.com
Network Connectivity Center networkconnectivity.googleapis.com
Cloud NAT networkconnectivity.googleapis.com
Cloud Router networkconnectivity.googleapis.com
Cloud Interconnect networkconnectivity.googleapis.com
Organization Policy Service orgpolicy.googleapis.com
Persistent Disk compute.googleapis.com
Pub/Sub pubsub.googleapis.com
Resource Manager cloudresourcemanager.googleapis.com
Resource Settings resourcesettings.googleapis.com
Cloud Run run.googleapis.com
Secret Manager secretmanager.googleapis.com
Service Directory servicedirectory.googleapis.com
Spanner spanner.googleapis.com
Cloud SQL sqladmin.googleapis.com
Cloud Storage storage.googleapis.com
Virtual Private Cloud (VPC) compute.googleapis.com
VPC Service Controls accesscontextmanager.googleapis.com
Cloud VPN compute.googleapis.com

Footnotes

1. Depending on the control package you choose, different API endpoint types may be available. The API endpoints listed on this page are global API endpoints, but regional or locational API endpoints may be available or required for a given control package.

2. BigQuery is supported, but it isn't automatically enabled when you create a new Assured Workloads folder due to an internal configuration process. This process normally finishes in ten minutes, but can take much longer in some circumstances. To check whether the process is finished and to enable BigQuery, complete following steps:

  1. In the Google Cloud console, go to the Assured Workloads page.

    Go to Assured Workloads

  2. Select your new Assured Workloads folder from the list.
  3. On the Folder Details page in the Allowed services section, click Review Available Updates.
  4. In the Allowed services pane, review the services to be added to the Resource Usage Restriction organization policy for the folder. If BigQuery services are listed, click Allow Services to add them.

    If BigQuery services are not listed, wait for the internal process to complete. If the services are not listed within 12 hours of folder creation, contact Cloud Customer Care.

After the enablement process is completed, you can use BigQuery in your Assured Workloads folder.

Gemini in BigQuery is not supported by Assured Workloads.