Security Perimeter

This page describes how to set up a Cloud Run security perimeter for P0 to manage access in your Google Cloud environment.

What is P0's GCP security perimeter?

The P0 GCP security perimeter is a lightweight Cloud Run agent that allows P0 to manage access in your Google Cloud environment, while preventing malicious access to your environment.

Prerequisites

  • Identify a Google Cloud project where you want to install P0 GCP security perimeter. P0 recommends that you create a separate google cloud project to deploy this security perimeter.

  • Obtain permissions to create a GCP cloud run service, create GCP roles, and add IAM bindings to the project. These permissions can be gained via the editor role.

Contact P0 support for access to the GCP security perimeter code repo.

Install the security perimeter

  1. Choose the IAM management security perimeter component.

  1. Click Add project to install a new project.

  1. Enter the Google project name into the Project identifier field.

  1. The resulting page will display GCP commands to complete the installation. Run these instructions in Cloud Shell:

  1. Retrieve the Cloud Run url by running the displayed command in Cloud Shell:

  1. Click Finish to complete the installation.

Last updated