VPC Service Controls
VPC Service Controls provides a security layer for Gemini Enterprise by defining a perimeter that protects sensitive data from unauthorised access or exfiltration. It lets administrators restrict service access to specific IP addresses, VPC networks, and authorised devices.
This feature is available for organisations using supported Gemini Enterprise editions on Google Cloud. It is designed for enterprises that require granular control over how their AI models and data connectors interact with the broader internet and internal networks.
To configure a perimeter, access the VPC Service Controls section in the Google Cloud Console. Add the Gemini Enterprise (Discovery Engine) API to your restricted services list and specify the projects and access levels required for your security policy.
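Once the perimeter is saved, the configuration can be checked from its exported definition. The following is an added example, not Google's or this page's own code: it assumes the perimeter is available as JSON in the shape of the Access Context Manager ServicePerimeter resource (for instance from gcloud access-context-manager perimeters describe with --format=json), and the function name, sample perimeters, POLICY_ID and project number are constructed for illustration.

```python
# Added example: audit one ServicePerimeter (dict parsed from JSON).
DISCOVERY_ENGINE = "discoveryengine.googleapis.com"


def audit_perimeter(perimeter: dict, project_number: str) -> list[str]:
    """Return findings; an empty list means the enforced config covers the project."""
    status = perimeter.get("status") or {}  # enforced configuration
    spec = perimeter.get("spec") or {}      # dry-run configuration
    project = f"projects/{project_number}"
    findings = []

    if DISCOVERY_ENGINE not in status.get("restrictedServices", []):
        dry_run_only = (perimeter.get("useExplicitDryRunSpec", False)
                        and DISCOVERY_ENGINE in spec.get("restrictedServices", []))
        if dry_run_only:
            findings.append(f"{DISCOVERY_ENGINE} is restricted in the dry-run spec "
                            "only, so violations are logged but not blocked")
        else:
            findings.append(f"{DISCOVERY_ENGINE} is missing from restrictedServices")
    if project not in status.get("resources", []):
        findings.append(f"{project} is not a resource of the enforced perimeter")
    if not status.get("accessLevels"):
        findings.append("note: no access levels attached to the enforced perimeter")
    return findings


# Constructed sample perimeters; POLICY_ID and the project number are placeholders.
_LEVEL = "accessPolicies/POLICY_ID/accessLevels/corp_devices"
ENFORCED = {
    "name": "accessPolicies/POLICY_ID/servicePerimeters/gemini_enterprise",
    "title": "gemini-enterprise",
    "status": {"resources": ["projects/123456789012"],
               "restrictedServices": [DISCOVERY_ENGINE],
               "accessLevels": [_LEVEL]},
}
DRY_RUN_ONLY = {
    "name": "accessPolicies/POLICY_ID/servicePerimeters/gemini_dry_run",
    "title": "gemini-dry-run",
    "useExplicitDryRunSpec": True,
    "status": {"resources": ["projects/123456789012"],
               "restrictedServices": ["storage.googleapis.com"],
               "accessLevels": [_LEVEL]},
    "spec": {"resources": ["projects/123456789012"],
             "restrictedServices": ["storage.googleapis.com", DISCOVERY_ENGINE]},
}

if __name__ == "__main__":
    for p in (ENFORCED, DRY_RUN_ONLY):
        print(p["title"], audit_perimeter(p, "123456789012") or "OK")
```

The second sample shows the case most easily missed: the API appears in the perimeter definition but only in its dry-run spec, so the enforced configuration does not yet restrict it.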