Rules for including VPC networks in service perimeters

This document lists the rules to add VPC networks to VPC Service Controls.

When you add VPC networks to service perimeters, the following rules apply:

  • If the host project is not protected by a perimeter, you can add VPC networks in the host project to separate perimeters under the same access policy.

  • VPC networks in the same host project must exist under the same access policy.

  • You can add VPC networks and their host project to the same perimeter.

  • VPC networks and their host project must not exist in different perimeters.

  • You cannot add a VPC network to multiple perimeters.

  • You cannot use VPC networks in a perimeter bridge.

What's next