IP restriction and VPC Service Controls

Sometimes a client needs to restrict access to Google Cloud Platform (GCP) resources to a specified IP range (also referred to as a trust-list). Trust-listing can be useful for various scenarios, such as limiting GCP access to users on a corporate network or giving auditors access to a requested GCP resource. SADA recommends using Access Context Manager and Virtual Private Cloud Service Controls (VPC SC) for trust-listing. While there are different ways to achieve the same result, I find the following method the simplest, sufficiently comprehensive, and without additional costs.