VPC Service Controls is a Google Cloud feature that allows you to set up a service perimeter and create a data transfer boundary. You can use VPC Service Controls with Workflows to help protect your services.
HTTP requests from a Workflows execution are supported as follows:
- Authenticated requests to VPC Service Controls-compliant Google Cloud endpoints are allowed.
- Requests to Cloud Run functions and Cloud Run service endpoints are allowed.
- Requests to third-party endpoints are blocked.
- Requests to non-VPC Service Controls-compliant Google Cloud endpoints are blocked.
What's next
To learn more about VPC Service Controls, see the overview and supported products and limitations.
For the recommended process to configure and enforce VPC Service Controls protection in your Google Cloud organization, see Best practices for enabling VPC Service Controls.
For best practices for designing service perimeters, see Design and architect service perimeters.
To set up a service perimeter, see Create a service perimeter.
To invoke a private endpoint, see Invoke a private endpoint using Service Directory's service registry.