Implement Security Command Center API at the folder-level or organization-level [316614512]

Assigned

Feature Request

Status Update

No update yet.

Description

pa...@google.com

created issue #1

Dec 15, 2023 08:26PM

This will create a public issue which anybody can view and comment on.

Please provide as much information as possible. At least, this should include a description of your issue and steps to reproduce the problem. If possible please provide a summary of what steps or workarounds you have already tried, and any docs or articles you found (un)helpful.

Problem you have encountered:

VPC Service Controls doesn't support adding folder-level or organization-level Security Command Center API resources into a service perimeter. You cannot use a perimeter to protect folder-level or organization-level Security Command Center API resources.

What you expected to happen:

To be able to add Security Command Center API at the folder-level or organization-level from an organization or folder without VPC SC violations.

Other information (workarounds you have tried, documentation consulted, etc):

Comments

ba...@google.com <ba...@google.com> Dec 18, 2023 03:16AM

Reassigned to ba...@google.com.

ba...@google.com <ba...@google.com> #2Dec 18, 2023 08:20AM

Reassigned to gc...@google.com.

Hello,

Thank you for reaching out to us with your request.

We have duly noted your feedback and will thoroughly validate it. While we cannot provide an estimated time of implementation or guarantee the fulfillment of the issue, please be assured that your input is highly valued. Your feedback enables us to enhance our products and services.

We appreciate your continued trust and support in improving our Google Cloud Platform products. In case you want to report a new issue, Please do not hesitate to create a new issue on the Issue Tracker providing a detailed description of your issue.

Once again, we sincerely appreciate your valuable feedback. Thank you for your understanding and collaboration.

Thanks & Regards,
Ashalatha
Google Cloud Support

br...@lcommerce.leclerc <br...@lcommerce.leclerc> #3Dec 18, 2023 09:48AM

Hello

Could you ensure that the API security command center service account is authorized to enter a private perimeter.

############
ingress_rules:

Selected identities : servie-org-id@security-center-api-iam.gserviceaccount.com
To Project : All Project
Selected services : security command center api
############

This would be much simpler than adding projects, especially when there are a certain number of them.

Thank you very much

Best Regards,

dh...@google.com <dh...@google.com> Jan 10, 2024 10:25AM

Reassigned to dh...@google.com.

dh...@google.com <dh...@google.com> #4Jan 10, 2024 12:14PM

Reassigned to gc...@google.com.

Hello,

Thanks for reaching out to us.

This information has been shared with the product engineering team. As they are evaluating, there is no ETA to this request.

Thanks & Regards

Issue 316614512