Google helps organizations secure their cloud environment, protect their data, and comply with industry regulations. For general information about security across all of Google Cloud, see Google Cloud security overview.
End user security configurations
Managing your Identity and Access Management (IAM) settings within Agentspace Enterprise is crucial for security. The resources listed in this section help you understand the permissions and access controls in Agentspace Enterprise:
- Identity and permissions
- Set up external identities
- Authenticate to Agentspace Enterprise API
- Access control with IAM
The following authentication frameworks are supported:
Agentspace Enterprise data security
Protecting your data from threats, breaches, and identity theft is important. Agentspace Enterprise has the following security measures in place:
- Agentspace Enterprise is integrated with VPC Service Controls.
Default data encryption with Customer Managed Encryption Keys (CMEK).
Agentspace Enterprise also supports External key manager (EKM) or hardware security module (HSM). For information about the limitations that apply to CMEK and EKM, see Limitations of Cloud KMS in Agentspace Enterprise.
Agentspace Enterprise compliance
Data compliance involves meeting legal and regulatory requirements for handling personal and sensitive information. It governs data collection, storage, usage, and security to ensure privacy and protection.
The resources listed in this section provide information to help you maintain data transparency and compliance:
Required Google Cloud APIs
To begin using Agentspace Enterprise, the following APIs must be enabled:
- Vertex AI API
- Agentspace Enterprise (Discovery Engine) API
- Cloud Storage API
- Identity and Access Management API
For more information on getting started with Agentspace Enterprise, see the Before you begin section.
To disable the Agentspace Enterprise (Discovery Engine) API, see Turn off Agentspace Enterprise.