Restricting tokens or access to resources in an effective way

Are you trying to restrict tokens or access to resources?

the request I have is to restrict actions in the console and API across all projects in our org (and the org itself) – there are other controls in place for access to resources themselves (in terms of network paths, cloud armor or firewall… we do use VPC SC a bit too in some places)

the request actually came in as “keep it simple” and was for console access only being restricted and didn’t mention the APIs … but when it got written in another ticket it now specifically says APIs too. and what’s the word for when boss asks to “keep it simple” when you know they also mean you can’t break the existing private network connections anything has in terms of internal networking to one another?

are you aware of any tutorials google themselves has on setting this up? it seems like the documentation is scattered and there’s no clear explanation as to why you might want one appraoch vs another… there was a good Medium article on how to set it up using Chrome Enterprise Premium but the author in the last week seems to have made that article private to paying members only, no guest access under the guest quota even :disappointed: wompwomp