End of Life Notice: For Trend Cloud One™ - Conformity Customers, Conformity will reach its End of Sale on “July 31st, 2025” and End of Life “July 31st, 2026”. The same capabilities and much more is available in Trend Vision One™ Cloud Risk Management. For details, please refer to Upgrade to Trend Vision One

Use VPC Service Controls for Dialogflow

Trend Vision One™ provides continuous assurance that gives peace of mind for your cloud infrastructure, delivering over 1100 automated best practice checks.

Risk Level: Very High (not acceptable risk)

To prevent data exfiltration, ensure that VPC Service Controls are used to configure a security perimeter around your Google Cloud Dialogflow resources. This feature helps to enhance the security posture of your cloud environment.

Security

VPC Service Controls (VPC-SC) is a Google Cloud Platform (GCP) feature that draws a service perimeter around the Google APIs of a set of projects. Once dialogflow.googleapis.com is listed as a restricted service in an enforced perimeter that contains your project, API calls that cross the perimeter boundary are denied regardless of the caller's IAM permissions, unless an ingress or egress rule (or an access level) explicitly allows them. This is what stops a leaked credential or an over-permissive IAM binding from being used to read agents, intents, and conversation data from outside your network, or to copy them into a project you do not control. VPC-SC complements IAM rather than replacing it: IAM decides who may call the API, the perimeter decides from where and to where data may flow. A perimeter in dry-run mode only logs violations; only perimeters in Enforced mode block traffic.


Audit

To determine if VPC Service Controls perimeters are used to protect your Dialogflow resources, perform the following operations:

Using GCP Console

01 Sign in to the Google Cloud Management Console using your organization management account credentials.

02 Select the Google Cloud Platform (GCP) project that you want to examine from the console top navigation bar. Make sure to choose the GCP project containing the Dialogflow resources you want to protect.

03 Navigate to the Security console available at https://console.cloud.google.com/security.

04 In the left navigation panel, under Zero Trust, select VPC Service Controls to access the list with all the VPC Service Perimeters defined for the selected GCP project. VPC Service Perimeters act as firewalls for GCP APIs, establishing security boundaries that control data flow between your cloud resources.

05 Select the Enforced mode tab. Perimeters listed under the Dry run mode tab only log violations and do not block anything, so they do not count as protection. If there are no service perimeters listed on the Enforced mode panel, VPC Service Controls are not used to protect the Dialogflow resources within the selected GCP project and the Audit process ends here. Otherwise, continue the Audit process with the next step.

06 If one or more service perimeters exist, click on the name (link) of the perimeter that you want to examine. On the Service perimeter details page, ensure that your GCP project is listed for Projects under Resources to protect and Dialogflow API (dialogflow.googleapis.com) is listed under Restricted Services. If your project is not available under Resources to protect, and/or Dialogflow API is not listed under Restricted Services, the Google Cloud Dialogflow resources deployed to the selected GCP project are not protected by the selected VPC Service Perimeter. As a result, VPC Service Controls are not used to safeguard your sensitive data from unauthorized access and exfiltration.

07 Repeat steps no. 5 and 6 for each VPC Service Perimeter created for the selected GCP project.

08 Repeat steps no. 2 – 7 for each GCP project deployed for your Google Cloud organization.

Using GCP CLI

01 Run projects list command (Windows/macOS/Linux) with your organization management account credentials, to list the ID of each project available in your Google Cloud organization:

gcloud projects list \
	--format="value(projectId)"

02 The command output should return the requested GCP project identifiers (IDs):

cc-project5-123123
cc-ai-project-123123

03 Run access-context-manager perimeters list command (Windows/macOS/Linux) to list the VPC Service Perimeters defined in your organization's access policy. Perimeters belong to the access policy, not to a project: the --project flag only lets gcloud look up the policy of the project's organization, and the output will include every perimeter in that policy, whether or not it contains the selected project (you can pass the policy explicitly with --policy instead). VPC Service Perimeters act as firewalls for GCP APIs, establishing security boundaries that control data flow between your cloud resources:

gcloud access-context-manager perimeters list \
	--project cc-project5-123123 \
	--format="default(name)"

04 The command output should return the requested service perimeter IDs (i.e., fully qualified identifiers):

name: accessPolicies/123412341234/servicePerimeters/cc_project5_perimeter
name: accessPolicies/123412341234/servicePerimeters/cc_gke_service_perimeter

If the access-context-manager perimeters list command does not produce an output, VPC Service Controls are not used to protect the Dialogflow resources within the selected GCP project and the Audit process ends here. If the command output returns one or more perimeter names, as shown in the example above, you can continue the Audit process with the next step.

05 Run access-context-manager perimeters describe command (Windows/macOS/Linux) with the ID of the VPC Service Perimeter that you want to examine as the identifier parameter, to list the projects the perimeter contains and the Google Cloud services it protects. The status block holds the enforced configuration; a perimeter that only has a spec block is in dry-run mode and blocks nothing:

gcloud access-context-manager perimeters describe "accessPolicies/123412341234/servicePerimeters/cc_project5_perimeter" \
	--format="yaml(status.resources,status.restrictedServices)"

06 The command output should return the protected projects (by project number) and the name of each protected Google Cloud service (API):

status:
	resources:
	- projects/111122223333
	restrictedServices:
	- storage.googleapis.com
	- file.googleapis.com
	- documentai.googleapis.com
	- cloudtasks.googleapis.com
	- cloudfunctions.googleapis.com

Both conditions must hold. If the resources list does not include your project (compare the project number, not the ID; get it with gcloud projects describe cc-project5-123123 --format="value(projectNumber)"), the perimeter does not contain the project at all. If the restrictedServices list does not include dialogflow.googleapis.com, the Google Cloud Dialogflow resources created for the selected GCP project are not protected by the selected VPC Service Perimeter. In either case, VPC Service Controls are not employed to protect your sensitive data from unauthorized access or exfiltration.

07 Repeat steps no. 5 and 6 for each VPC Service Perimeter deployed for the selected GCP project.

08 Repeat steps no. 3 – 7 for each GCP project available within your Google Cloud organization.
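The CLI audit above inspects one perimeter at a time. The following script is an added example, not part of this page or of Trend Micro's or Google's tooling; it applies the full check (project contained, dialogflow.googleapis.com restricted, perimeter enforced rather than dry-run, perimeter bridges ignored) to the JSON that gcloud access-context-manager perimeters list --policy=POLICY --format=json emits, so a single run covers every perimeter in the access policy. It also flags ingress rules that admit an identity to every Dialogflow method from any source. The perimeter records embedded below are constructed for the demonstration; the file name vpcsc_dialogflow_audit.py is a placeholder.

```python
"""Offline check of VPC Service Controls coverage for Dialogflow.

Reads the JSON produced by
  gcloud access-context-manager perimeters list --policy=POLICY --format=json
and reports whether projects/<PROJECT_NUMBER> has dialogflow.googleapis.com
inside an enforced perimeter. Field names (status/spec, resources,
restrictedServices, ingressPolicies) follow the ServicePerimeter resource.
"""
import json
import sys

DIALOGFLOW_API = "dialogflow.googleapis.com"


def effective_config(perimeter):
    """Return (mode, config). Enforced settings live under 'status';
    a perimeter that only carries a dry-run 'spec' blocks nothing."""
    if perimeter.get("status"):
        return "enforced", perimeter["status"]
    return "dry-run", perimeter.get("spec", {})


def broad_ingress_rules(config):
    """Identities admitted to any Dialogflow method from any source
    (sources: accessLevel '*'). Such a rule is only as strong as the
    identity's credentials, so it deserves review."""
    flagged = []
    for rule in config.get("ingressPolicies", []):
        src = rule.get("ingressFrom", {})
        if not any(s.get("accessLevel") == "*" for s in src.get("sources", [])):
            continue
        for op in rule.get("ingressTo", {}).get("operations", []):
            if op.get("serviceName") not in (DIALOGFLOW_API, "*"):
                continue
            if any(m.get("method") == "*" or m.get("permission") == "*"
                   for m in op.get("methodSelectors", [])):
                flagged.append(src.get("identities", []))
    return flagged


def audit_project(project_number, perimeters):
    """Decide whether the project is protected and record why each
    perimeter that contains it did or did not qualify."""
    resource = "projects/%s" % project_number
    report = {"protected": False, "perimeters": [], "warnings": []}
    for p in perimeters:
        if p.get("perimeterType") == "PERIMETER_TYPE_BRIDGE":
            continue  # bridges join perimeters; they restrict no services
        mode, cfg = effective_config(p)
        name = p["name"]
        if resource not in cfg.get("resources", []):
            continue  # this perimeter does not contain the project
        if DIALOGFLOW_API not in cfg.get("restrictedServices", []):
            report["warnings"].append("%s: project is inside but %s is not a restricted service" % (name, DIALOGFLOW_API))
            continue
        if mode != "enforced":
            report["warnings"].append("%s: dry-run only, violations are logged but not blocked" % name)
            continue
        report["protected"] = True
        report["perimeters"].append(name)
        for ids in broad_ingress_rules(cfg):
            report["warnings"].append("%s: ingress rule admits %s from any source" % (name, ids))
    return report


# Constructed sample shaped like `perimeters list --format=json` output.
SAMPLE_PERIMETERS = [
    {   # enforced, contains the project, but protects only Cloud Storage
        "name": "accessPolicies/123412341234/servicePerimeters/cc_project5_perimeter",
        "title": "cc_project5_perimeter",
        "perimeterType": "PERIMETER_TYPE_REGULAR",
        "status": {"resources": ["projects/111122223333"],
                   "restrictedServices": ["storage.googleapis.com"]},
    },
    {   # dry run only: Dialogflow is listed, nothing is enforced
        "name": "accessPolicies/123412341234/servicePerimeters/cc_dialogflow_dryrun",
        "title": "cc_dialogflow_dryrun",
        "useExplicitDryRunSpec": True,
        "spec": {"resources": ["projects/111122223333"],
                 "restrictedServices": [DIALOGFLOW_API]},
    },
    {   # enforced, covers Dialogflow, carries the page's any-source ingress rule
        "name": "accessPolicies/123412341234/servicePerimeters/cc_dialogflow_perimeter",
        "title": "cc_dialogflow_perimeter",
        "status": {
            "resources": ["projects/111122223333"],
            "restrictedServices": [DIALOGFLOW_API],
            "ingressPolicies": [{
                "ingressFrom": {"identities": ["user:username@domain.com"],
                                "sources": [{"accessLevel": "*"}]},
                "ingressTo": {"operations": [{"serviceName": DIALOGFLOW_API,
                                              "methodSelectors": [{"method": "*"}]}],
                              "resources": ["*"]},
            }],
        },
    },
]

if __name__ == "__main__":
    # Usage: gcloud ... perimeters list --policy=POLICY --format=json \
    #        | python vpcsc_dialogflow_audit.py PROJECT_NUMBER
    # Without arguments the constructed sample is audited instead.
    if len(sys.argv) > 1:
        number, data = sys.argv[1], json.load(sys.stdin)
    else:
        number, data = "111122223333", SAMPLE_PERIMETERS
    print(json.dumps(audit_project(number, data), indent=2))
```

Run against the sample, the project is reported as protected by cc_dialogflow_perimeter only, with three warnings: the storage-only perimeter, the dry-run perimeter, and the ingress rule that admits the user from any source.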

Remediation / Resolution

To ensure that VPC Service Controls perimeters are used to protect your Dialogflow resources, perform the following operations:

Using GCP Console

01 Sign in to the Google Cloud Management Console using your organization management account credentials.

02 Select the Google Cloud Platform (GCP) project that you want to access from the console top navigation bar. Make sure to choose the GCP project containing the Dialogflow resources you want to protect.

03 Navigate to the Security console available at https://console.cloud.google.com/security.

04 In the left navigation panel, under Zero Trust, select VPC Service Controls.

05 Select the Enforced mode tab, choose New perimeter, and perform the following actions to create a VPC Service Perimeter that encompasses the resources you want to protect. This perimeter acts as a boundary for your cloud resources:

  1. For Details, provide a unique name for your perimeter in the Title box, set the Perimeter type to Regular and Enforcement mode to Enforced. A regular perimeter protects services on the projects it contains. Choose Continue to continue the setup process.
  2. For Resources to protect, choose Add projects under Projects, and select which GCP project(s) you wish to be part of the perimeter. Once your GCP projects are selected, choose Add selected projects to save the changes. Choose Continue to continue.
  3. For Restricted Services, choose Add services, find the Dialogflow API service (i.e., dialogflow.googleapis.com), and choose Add selected services. (Optional) You can instead choose Select all and Add selected services to protect all the Google Cloud services supported by VPC Service Controls. Choose Continue to continue the setup process.
  4. For VPC accessible services, specify which services are accessible inside the perimeter. To include all the restricted services that the perimeter protects to the list of accessible services, choose All restricted services. If you want to select individual services that will be accessible inside the service perimeter, choose Select services, select Add services, choose Dialogflow API (i.e., dialogflow.googleapis.com), then select Add selected services to save the changes. Choose Continue and skip the Access levels step.
  5. By default, every request that crosses the perimeter boundary is denied, whether it originates from the Internet or from a GCP project outside the perimeter. Ingress rules allow specific requests based on their context, such as the source IP address (via an access level), the caller identity, or the originating GCP project; requests that match no ingress rule are denied. For Ingress Policy, choose Add an ingress rule, and perform the following actions to create an ingress rule for your perimeter:
    1. For Title, provide a title that describes the ingress rule.
    2. For From Identities AND Sources, specify the identities and sources from outside the perimeter that require access.
    3. For To Resources AND Operations or IAM roles, specify the project(s) within the service perimeter that identities and sources can access. For Operations or IAM roles, choose All operations.
    4. For the complete list of ingress rule attributes, see the Ingress rules reference page.
    5. Choose Continue to continue the setup.
  6. For Egress Policy, choose Add an egress rule, and configure the required attributes to create an egress rule for your new perimeter based on your use case. To create a functional egress rule, add at least an identity attribute, a resource (local or external), and a service attribute. For the complete list of egress rule attributes, see the Egress rules reference page.
  7. Choose Create to deploy your new VPC Service Perimeter. This will protect the Google Cloud Dialogflow resources within the selected GCP project from data exfiltration.

06 Repeat steps no. 2 – 5 for each GCP project deployed for your Google Cloud organization.

Using GCP CLI

01 By default, every request that crosses the perimeter boundary is denied, whether it originates from the Internet or from a GCP project outside the perimeter. Ingress rules allow specific requests based on their context: the caller identity, the source (an access level or a source project), and the target service and methods. Create the ingress rule for your VPC Service Perimeter and save it to a YAML file named ingress-rule-config.yaml. The example below allows the user account listed under identities to call any Dialogflow method on any resource inside the perimeter from any source (accessLevel: '*'). Because such a rule relies solely on the identity's credentials, replace '*' with an access level that limits the source to your corporate IP ranges or managed devices wherever your use case permits. For the complete list of ingress rule attributes, see the Ingress rules reference page:

- ingressFrom:
    identities:
    - user:username@domain.com
    sources:
    - accessLevel: '*'
  ingressTo:
    operations:
    - serviceName: dialogflow.googleapis.com
      methodSelectors:
      - method: '*'
    resources:
    - '*'

02 Run organizations list command (Windows/macOS/Linux) with your organization management account credentials to list the ID of your Google Cloud organization (the name field is organizations/ID, so only its second segment is printed):

gcloud organizations list \
	--format="value(name.segment(1))"

03 The command output should return the requested organization identifier:

112233441122

04 Run access-context-manager policies list command (Windows/macOS/Linux) to describe the access policy associated with your Google Cloud organization:

gcloud access-context-manager policies list \
	--organization 112233441122

05 The command output should return the requested access policy. The NAME column is the numeric name of the policy that the following commands need; SCOPES lists the folder or project a scoped policy applies to (empty for an organization-level policy):

NAME: 123412341234
ORGANIZATION: 112233441122
SCOPES: projects/111122223333
TITLE: cc-org-access-policy
ETAG: abcd1234abcd1234abcd

06 Run access-context-manager perimeters create command (Windows/macOS/Linux) to create a VPC Service Perimeter that will protect the Google Cloud Dialogflow resources within the specified GCP project from data exfiltration. For --resources, specify the GCP project you wish to be part of the perimeter as projects/PROJECT_NUMBER (the number, not the ID; obtain it with gcloud projects describe PROJECT_ID --format="value(projectNumber)"). For --restricted-services, specify which Google Cloud services must be protected by the perimeter (in this case, Dialogflow). For --policy, specify the numeric name of the access policy associated with your organization. And for --ingress-policies, specify the filename of the ingress rule defined in step no. 1 (i.e., ingress-rule-config.yaml):

gcloud access-context-manager perimeters create "cc_dialogflow_perimeter" \
	--title="cc_dialogflow_perimeter" \
	--resources="projects/111122223333" \
	--restricted-services=dialogflow.googleapis.com \
	--policy=123412341234 \
	--ingress-policies=ingress-rule-config.yaml

07 The command output should return the operation status:

Create request issued for: [cc_dialogflow_perimeter]
Created perimeter [cc_dialogflow_perimeter].

08 Repeat steps no. 1 - 7 for each GCP project available within your Google Cloud organization. Projects that share the same trust boundary can instead be placed in one perimeter, either by listing several projects in --resources at creation time or by adding them later with gcloud access-context-manager perimeters update "cc_dialogflow_perimeter" --policy=123412341234 --add-resources="projects/PROJECT_NUMBER".


Publication date Jul 28, 2025