VPC Service Controls is a Google Cloud feature that allows you to set up a service perimeter and create a data transfer boundary. You can use VPC Service Controls with Cloud Tasks to help protect your services.
Supported targets
Once you set up a service perimeter, HTTP requests from a Cloud Tasks execution are allowed for:
- Authenticated requests to VPC Service Controls-compliant
Cloud Run functions targets at
functions.netendpoints - Authenticated requests to VPC Service Controls-compliant
Cloud Run targets at
run.appendpoints
Examples of unsupported targets
Once you set up a service perimeter, HTTP requests from a Cloud Tasks execution are blocked for non-compliant requests. For example, requests to all of the following are blocked:
- Non-VPC Service Controls-compliant Cloud Run functions
targets at
functions.netendpoints - Non-VPC Service Controls-compliant Cloud Run targets at
run.appendpoints - Cloud Run functions targets at non-
functions.netendpoints - Cloud Run targets at non-
run.appendpoints - Non-Cloud Run functions endpoints
- Non-Cloud Run endpoints
What's next
-
To set up a service perimeter, see Create a service perimeter .
-
To adjust the ingress settings of your Cloud Run function, see Configuring network settings .
-
To adjust the ingress settings of your Cloud Run service, see Restricting ingress for Cloud Run .
-
To learn more about VPC Service Controls, see the overview and supported products and limitations .
