I'm meeting some resistance with using Google Cloud Platform and specifically BigQuery from IT security where I work. The argument is that anyone could potentially sign in from anywhere. Is there any way to only allow GCP access from a specific IP range? Or is there possibly another way that I could reassure IT security?
It seems like this is pretty easy to implement in Azure, but when I search online I get very little about restricting access in Google Cloud.
Thanks
You can have BigQuery behind the VPC:

Access from the internet to managed resources within a service perimeter is denied by default. Optionally, you can enable access based on the context of the request. To do so, you can create access levels that control access based on a number of attributes, such as the source IP address. Requests made from the internet are denied if they do not meet the criteria defined in the access level.
Now it's possible to limit all Google Cloud Console and gcloud SDK access by IP range by using BeyondCorp Enterprise (formerly named context-aware access).
The required steps are as follows:
For more detailed info, refer to the BeyondCorp Enterprise documentation.
For example, suppose you created an access level with an IP range and bound it to all users.
Once any of the users accesses the Google Cloud Console or gcloud SDK from outside the IP range, they'll only see the "You don't have access" error message in the Google Cloud Console, or access_denied in the gcloud SDK.
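A pre-deployment check for the IP-range access level described in the answers above, as an added example (not from the original posts and not Google's code): it models how a basic access level's `ipSubnetworks` conditions would treat a request's source IP, so office and VPN egress addresses can be confirmed as covered before the level is bound to users. The level contents, CIDRs and function names are constructed for illustration, and the evaluation is a simplified model of Access Context Manager behaviour.

```python
import ipaddress

# Constructed access level in the shape of an Access Context Manager basic
# level; the CIDRs are documentation ranges, not real egress addresses.
OFFICE_LEVEL = {
    "combiningFunction": "OR",
    "conditions": [
        {"ipSubnetworks": ["203.0.113.0/24", "2001:db8:10::/48"]},
        {"ipSubnetworks": ["198.51.100.16/28"]},
    ],
}

def condition_matches(condition, source_ip):
    """Model one condition: source IP must fall in one of its CIDRs, then apply negate."""
    addr = ipaddress.ip_address(source_ip)
    cidrs = condition.get("ipSubnetworks", [])
    # strict=True rejects CIDRs with host bits set (e.g. 203.0.113.5/24),
    # which the service also treats as malformed.
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    # An empty list places no IP restriction on the condition.
    hit = not nets or any(addr.version == n.version and addr in n for n in nets)
    return not hit if condition.get("negate", False) else hit

def level_allows(level, source_ip):
    """Combine conditions with the level's combiningFunction (AND is the default)."""
    results = [condition_matches(c, source_ip) for c in level["conditions"]]
    combine = any if level.get("combiningFunction", "AND") == "OR" else all
    return combine(results)

def preflight(level, expected_allowed, expected_denied):
    """Return addresses whose modelled outcome differs from what the admin expects."""
    surprises = [ip for ip in expected_allowed if not level_allows(level, ip)]
    surprises += [ip for ip in expected_denied if level_allows(level, ip)]
    return surprises

if __name__ == "__main__":
    # Constructed test addresses: two intended office/VPN egress IPs, one outsider.
    bad = preflight(OFFICE_LEVEL,
                    expected_allowed=["203.0.113.45", "198.51.100.32"],
                    expected_denied=["192.0.2.7"])
    for ip in bad:
        print(f"unexpected result for {ip}: fix the level before binding it")
```

Running this before binding the level catches a range that is one bit too narrow (here the /28 stops at 198.51.100.31), which would otherwise surface as users locked out of the console.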