Using VPC Service Controls

VPC Service Controls can help you mitigate the risk of data exfiltration from Dialogflow. Use VPC Service Controls to create a service perimeter that protects the resources and data that you specify. For example, when you use VPC Service Controls to protect Dialogflow, the following artifacts cannot leave your service perimeter:

  • Agent data
  • Detect intent requests and responses

Limitations

The following limitations apply:

  • Integrations let third-party applications directly connect to Agents regardless of if the Agent is within a service perimeter.
  • Service Directory is not supported.
  • When VPC Service Controls is enabled, webhook calls are blocked.

Service perimeter creation

When you create a service perimeter, include Dialogflow (dialogflow.googleapis.com) as a protected service. You aren't required to include any additional services for Dialogflow to function. However, Dialogflow won't be able to reach resources outside the perimeter, such as files in a Cloud Storage bucket that is outside the perimeter.

For more information about creating a service perimeter, see Creating a service perimeter in the VPC Service Controls documentation.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年10月24日 UTC.