Documentation de VPC Service Controls
VPC Service Controls vous permet de limiter les risques d'exfiltration de données en isolant les ressources des services mutualisés. Google Cloud Avec VPC Service Controls, vous pouvez appliquer un contrôle d'accès adaptatif en fonction de la plage d'adresses IP ou de la confiance de l'appareil pour accéder aux ressources Google Cloud en dehors des réseaux privilégiés. Pour en savoir plus, consultez la page Présentation de VPC Service Controls.
Démarrez votre prochain projet avec 300 $ de crédits offerts
Créez et testez une démonstration de faisabilité avec les crédits d'essai offerts et l'utilisation mensuelle gratuite de plus de 20 produits.
Ressources de documentation
Guides
-
Configurer un périmètre de service à l'aide de la console Google Cloud
-
Ajouter des projets à un périmètre à l'aide de Terraform
-
Périmètres de conception et d'architecture
-
Gérer les configurations de simulation
-
Concevoir des niveaux d'accès
-
Configurer des règles d'entrée et de sortie
-
Autoriser l'accès aux ressources protégées depuis l'extérieur d'un périmètre
-
Créer une règle limitée
-
Configurer une connectivité privée aux API et services Google
Concepts
-
Liste des produits compatibles
-
Présentation des périmètres de service
-
Mode simulation pour tester l'effet des périmètres
-
Présentation des règles d'Ingress et de sortie
-
Présentation des règles de portée
-
Gestion des réseaux VPC dans les périmètres
-
Règles concernant l'inclusion de réseaux VPC dans des périmètres
-
Accès privé à Google avec VPC Service Controls
Documentation de référence et ressources
Vidéos similaires
Securing your AI inference pipeline
Check out part 1 of this video → https://goo.gle/4gpPXzc Google SAIF → https://goo.gle/3Dbfg9s Google AI Supply Chain Security Whitepaper → https://goo.gle/3ZRZf15 Are you leaving the door open for attackers to manipulate your AI model and steal
Securing your AI model development pipeline
Vertex AI Pipelines → https://goo.gle/41IIBSZ Binary Authorization → https://goo.gle/3VOTAGL Vertex AI Pipeline demo → https://goo.gle/4ghaHJE Are you concerned about AI models going rogue? Secure your AI development pipeline using Google Cloud and
How to use customer-managed keys (CMEK)
Cloud services that have a CMEK integration → https://goo.gle/4iKELPm Protection levels → https://goo.gle/49PFyur Learn how Google Cloud's Customer-Managed Encryption Keys (CMEK) simplify data security by managing key access and inventory. This video
Cloud security threat briefing with Mandiant
As organizations increasingly adopt cloud technologies, threat actors have adapted their tactics to exploit vulnerabilities within cloud environments. This threat briefing explores the methods employed by malicious actors to compromise cloud
Ensure the health of cloud resources: How to address software vulnerabilities and identity risk
Which software vulnerabilities in my cloud environment pose the greatest risk, and how do I fix them quickly? What’s the best way to prevent over-permissioned identities from leading to unauthorized cloud access? Join this technical session and learn
What's new with IAM - from least privilege to organization policies and AI-powered assistance
Identities, access controls, and organizational guardrails are at the heart of your cloud security architecture. Google Cloud Identity and Access Management (IAM) is evolving, making it easy for you to onboard your workforce and workloads and empower
Cloud Security Risks: Identify and Protect Against Threats
Hop on over Google Cloud Skills Boost to complete the hands-on labs - https://goo.gle/3Pf5QwL [Course 3 of 5, Google Cloud Cybersecurity Certificate]Delve into the key aspects of identity management and access control in cloud computing, including
Full-stack Identity and Access Management (IAM) – your options on Google Cloud
Learn how Google Cloud enables identity-first, AI/ML-powered, policy-based security to help protect your users, infrastructure, data, and applications. You’ll hear from our experts about the latest enhancements in the Google Cloud identity platform,
Cloud security threat briefing with Mandiant
As organizations increasingly adopt cloud technologies, threat actors have adapted their tactics to exploit vulnerabilities within cloud environments. This threat briefing explores the methods employed by malicious actors to compromise cloud
Secure onboarding to Google Cloud with Identity and Access Management (IAM)
Identity and access management is foundational to your cloud journey – it’s your first step in keeping your cloud resources safe and secure. Even though organizations agree that well-structured identity and access management is necessary to secure
What is IAM? #IAM #InteractiveTutorial
Identity & Access Management is like the bouncer at the Cloud Club, working to protect your cloud deployment and ensure that only authorized principals can access your information. Want to get some hands-on experience with IAM? Check out the
What is Cloud IAM?
What is Identity and Access Management (IAM), and how does it protect your Google Cloud project? In this episode of Serverless Expeditions Extended, Martin teams up with Emanuel to discuss IAM tools. Watch along and learn about the different access
Workforce Identity Federation use case: Extended Workforce
Workforce Identity Federation → https://goo.gle/workforce-identity-federation Identity and Access Management → https://goo.gle/3EQj66O If your business has a presence in the cloud, you may need to allow a third party to use login credentials from a
Simplify identity onboarding
Identity and Access Management (IAM) unifies access control for Google Cloud Services. Workforce Identity Federation is the new offering that extends existing Google Cloud Identity Management capabilities and lets you use your identity provider
How to create and manage custom roles
Custom Roles are an extension of Identity and Access Management (IAM) and are an effective way of enforcing the principle of least privilege in your Google Cloud environment. In this video, you will learn how to create/delete a custom role, add
Troubleshooting group and resource hierarchy permissions
Identity and Access management, or IAM, in Google Cloud gives you precise control over the permissions that users have. In this video, we discuss using the Policy Troubleshooter to investigate group membership and resource hierarchy permissions to
Authenticating users with Workforce Identity Federation
Workforce Identity Federation → https://goo.gle/workforce-identity-federation Managing permissions inside your organization can be done with identity and access management, but when users with a different identity provider need access, things get
How to enable and configure Workload Identity
Workload Identity How-To → https://goo.gle/3PvGkC0 Do you want your GKE workloads to interact with Google Cloud APIs in a safe and secure way? In this video we will show you how to enable and configure Workload Identity to have your workloads
Secure access to GKE workloads with Workload Identity
What authorization types are available for GKE? How do you manage access to your GKE workloads at the cloud and cluster levels? Workload Identity is the recommended way to access Google Cloud services in a secure and manageable way. In this episode
What type of authentication is best for VMs?
Learn more about IAM → https://goo.gle/34xeIcV In this episode of VM End-to-End, Developer Advocates Carter Morgan and Brian Dorsey chat with Developer Advocate for Google Cloud, Emanuel Burgess, about Identity and Access Management (IAM). Watch for
How Target has operationalized policy intelligence tools
How Target operationalizes policy intelligence tools to safely remove millions of permissions. Learn how to mitigate unnecessary work when debugging access issues and safely rollout IAM changes. Resources: Visit the Next '21 website →
Getting started on Google Cloud
Here to bring you the latest news in the Startup program by Google Cloud is Jeevana Hegde! Welcome to the Google Cloud Technical Guide for Startups, a series of videos for technical enablement to help startups to start, build, and grow their
Cloud IAM in a minute
IAM → https://goo.gle/3krSNcM Resource Manager → https://goo.gle/3zjWMwz Policy Intelligence → https://goo.gle/3ihobZ0 Cloud Identity and Access Management allows you to grant fine-grained access to cloud resources and gives you tools to bring ease
Google Cloud Data Catalog essentials: Adding schematized tags and IAM
Learn more → https://goo.gle/3mT0WVU Finding your data assets is one thing. Managing both your technical and business metadata while maintaining proper security requirements is a whole other beast. Luckily, Data Catalog can help. In this video we
Advanced IAM: Hacks, tips, and tricks for policy management
This deep-dive on access policy management in Identity and Access Management covers advanced topics such as avoiding policy change conflicts through concurrency control, policy attachment point discovery, attribute-based access control with IAM
Getting started with BeyondCorp: A deeper look into IAP
An increasing number of Fortune 500 companies have adopted Google Cloud’s Zero Trust solution to protect access to applications across multiple clouds and on-premises data centers. Learn why your company may need to adopt a new security model (known
Mission possible: Moving your most sensitive data to GCP
Learn how you can move your most sensitive data to Google Cloud while configuring data location controls, administrative access controls, and encryption parameters. The session is co-presented with Google Cloud’s solution partner, Deloitte, who
Group Membership and Hierarchy
Cloud Identity and Access management ( IAM) allows you to control what permissions users have to your resources. Learn how user and group permissions work with the resource hierarchy, and how to troubleshoot permissions issues using the IAM Policy
Using Policy Troubleshooter and interpreting the results
Investigating issues as to why a user has access to a resource or doesn't have permission to call an API? In this video, we’ll show you how to use Google Cloud’s IAM Policy Troubleshooter via Cloud Console, helping you gain greater observability over
Artifact Registry: Containerizing and deploying Java applications
In this video, we’ll show you the ongoing evolution of Google Container Registry into Artifact Registry. Specifically, we’ll show you the new features that come with Artifact Registry - such as regional repositories, multiple repositories per