Quickstart

This page shows you how to set up a service perimeter using VPC Service Controls in the Google Cloud Platform Console. For more information about VPC Service Controls, read the Overview of VPC Service Controls.

Before you begin

Create a service perimeter

  1. In the Google Cloud Platform Console, go to the VPC Service Controls page.

    Go to the VPC Service Controls page

  2. If you are prompted, select your Organization.

  3. At the top of the VPC Service Controls page, click New Perimeter.

  4. On the New VPC Service Perimeter page, in the Perimeter Name box, type a name for the perimeter.

  5. Select the projects that you want to secure within the perimeter:

    1. Click the Add Projects button.

    2. In the Add Projects window, in each row corresponding to a project that you want add to the perimeter, select the checkbox.

    3. Click the Add n Projects button, where n is the number of projects you selected in the previous step.

      Add projects UI

  6. Select the services that you want to secure within the perimeter:

    1. Click the Add Services button.

    2. In the Specify services to restrict window, in each row corresponding to a service that you want to protect, select the checkbox.

    3. Click the Add n Services button, where n is the number of services you selected in the previous step.

      Restrict services UI

  7. Click the Save button.

You just created a service perimeter! The service perimeter may take up to 30 minutes to propagate and take effect. When the changes have propagated, access to the services you selected will be limited to the projects you added to the perimeter.

Additionally, the GCP Console interface for the services that you protected with the perimeter may become partially or fully inaccessible. For example, if you protected Logging with the perimeter, you will not be able to access the Logging interface in the GCP Console.

Clean up

To remove the perimeter you created using this quickstart:

  1. In the Google Cloud Platform Console, go to the VPC Service Controls page.

    Go to the VPC Service Controls page

  2. If you are prompted, select your organization.

  3. On the VPC Service Controls page, in the row corresponding to the perimeter that you created, click the button.

  4. In the dialog box, click the Delete button to confirm that you want to delete the perimeter.

What's next

Send feedback about...

VPC Service Controls