Console
    Contact Us Start free

    Creating a perimeter bridge

    This page describes how to create service perimeter bridges.

    Before you begin

    Create a perimeter bridge

    Console

    1. In the Google Cloud console navigation menu, click Security, and then click VPC Service Controls.

      Go to the VPC Service Controls page

    2. If you are prompted, select your organization.

    3. On the VPC Service Controlspage, click New perimeter.

    4. On the Create a service perimeterpage, in the Titlefield, enter a name for the perimeter.

      You can search for a perimeter only using its name, so we recommend using a unique name for the perimeter. You can't search for a perimeter using its ID.

    5. Optional: In the Descriptionfield, enter a description for the perimeter.

    6. For Perimeter type, select Bridge.

    7. For Enforcement mode, select a perimeter enforcement mode. The available options are Dry runand Enforced.

      For more information about the dry run and enforced modes, see Service perimeter details and configuration .

    8. Click Continue.

    9. Select the projects that you want to secure within the perimeter:

      1. Click Add projects.

      2. In the Add projectspane, in each row corresponding to a project that you want to add to the perimeter, select the checkbox.

      3. Click Add selected projects.

    10. Click Create.

    gcloud

    To create a perimeter bridge, use the following command:

    gcloud access-context-manager perimeters create BRIDGE_NAME 
\
  --title=" BRIDGE_TITLE 
" --perimeter-type=bridge \
  --resources= PROJECTS 
\
  --policy= POLICY_NAME

    Where:

    • BRIDGE_NAME is the name of the perimeter bridge you are creating.

    • BRIDGE_TITLE is the title of the bridge.

    • PROJECTS is a comma-delimited list of one or more project IDs. For example: projects/100712 or projects/100712,projects/233130 . Only numeric IDs are supported. You cannot use the project name.

    • POLICY_NAME is the numeric name of your organization's access policy. For example, 330193482019 .

    API

    To create a perimeter bridge, call accessPolicies.servicePerimeters.create .

    POST https://accesscontextmanager.googleapis.com/v1/accessPolicies/ POLICY_NAME 
/servicePerimeters

    Where:

    • POLICY_NAME is the numeric name of your organization's access policy. For example, 330193482019 .

    Request body

    The request body must include a ServicePerimeter resource that defines the perimeter bridge.

    For the ServicePerimeter resource, specify PERIMETER_TYPE_BRIDGE for perimeterType .

    Response body

    If successful, the response body for the call contains an Operation resource that provides details about the POST operation.
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: