Set up a service perimeter using VPC Service Controls
Stay organized with collections
Save and categorize content based on your preferences.
VPC Service Controls is a Google Cloud feature that allows you to set
up a service perimeter and create a data transfer boundary. You can use
VPC Service Controls with Workflows to help protect your
services.
HTTP requests from a Workflows execution are supported as
follows:
Authenticated requests
to VPC Service Controls-compliant Google Cloud endpoints are allowed.
Requests to Cloud Run functions and Cloud Run service endpoints are allowed.
Requests to third-party endpoints are blocked.
Requests to non-VPC Service Controls-compliant Google Cloud
endpoints are blocked.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-28 UTC."],[],[],null,["# Set up a service perimeter using VPC Service Controls\n\nVPC Service Controls is a Google Cloud feature that allows you to set\nup a service perimeter and create a data transfer boundary. You can use\nVPC Service Controls with Workflows to help protect your\nservices.\n\nHTTP requests from a Workflows execution are supported as\nfollows:\n\n- [Authenticated requests](/workflows/docs/authenticate-from-workflow#authenticate-apis) to VPC Service Controls-compliant Google Cloud endpoints are allowed.\n- Requests to Cloud Run functions and Cloud Run service endpoints are allowed.\n- Requests to third-party endpoints are blocked.\n- Requests to non-VPC Service Controls-compliant Google Cloud endpoints are blocked.\n\nWhat's next\n-----------\n\n- To learn more about VPC Service Controls, see the\n [overview](/vpc-service-controls/docs/overview) and\n [supported products and limitations](/vpc-service-controls/docs/supported-products).\n\n- For the recommended process to configure and enforce\n VPC Service Controls protection in your Google Cloud organization, see\n [Best practices for enabling VPC Service Controls](/vpc-service-controls/docs/enable).\n\n- For best practices for designing service perimeters, see\n [Design and architect service perimeters](/vpc-service-controls/docs/architect-perimeters).\n\n- To set up a service perimeter, see\n [Create a service perimeter](/vpc-service-controls/docs/create-service-perimeters).\n\n- To invoke a private endpoint, see\n [Invoke a private endpoint using Service Directory's service registry](/workflows/docs/invoke-private-endpoint-vpc)."]]
