Adhere to the following recommended security considerations:

    • Data and management communications do not leave the user's infrastructure inside GCP, except for metering information sent to the Marketplace for billing purposes.
    • Web UI access is restricted to port 443 through the IAP framework.
      • By default, all AROVA appliances should be configured to access a dedicated network without access to production VMs.
    • Access to the Administrator web interface requires granting users access to AROVA ports through IAP.
    • AROVA appliances gain elevated privileges through the service account they are configured with.
    • The service account is granted a role with limited permissions on the projects where protected VMs reside.
    • AROVA ACD only stores metadata about VMs and does not contain any sensitive user data itself.
    • The ARO Marketplace server does not access the user's infrastructure. It only receives and saves usage reports from AROVA appliances.
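
A check for the IAP and dedicated-network items above, as an added example that is not ARO's own code: it scans firewall rules exported with `gcloud compute firewall-rules list --format=json` for ingress that reaches the appliance on port 443 from outside IAP. The `arova` network tag, the sample rules, and the use of IAP TCP forwarding (source range 35.235.240.0/20) are assumptions.

```python
import ipaddress

# Assumption: access uses IAP TCP forwarding, whose published source range is this one.
IAP_RANGES = [ipaddress.ip_network("35.235.240.0/20")]

def covers_port(spec, port):
    """True if a firewall port spec ("443" or "80-8443") includes port."""
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def allows_port(rule, port):
    """True if any 'allowed' entry of the rule admits TCP traffic to port."""
    for entry in rule.get("allowed", []):
        if entry.get("IPProtocol") not in ("tcp", "all"):
            continue
        ports = entry.get("ports")  # a missing list means every port
        if not ports or any(covers_port(p, port) for p in ports):
            return True
    return False

def non_iap_exposure(rules, target_tag, port=443, trusted=IAP_RANGES):
    """Return (rule name, source range) pairs reaching the tag on port from outside IAP."""
    findings = []
    for rule in rules:
        if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled"):
            continue
        tags = rule.get("targetTags")
        if tags and target_tag not in tags:  # no targetTags: treated as all instances
            continue
        if not allows_port(rule, port):
            continue
        for src in rule.get("sourceRanges", []):
            net = ipaddress.ip_network(src, strict=False)
            if not any(net.version == t.version and net.subnet_of(t) for t in trusted):
                findings.append((rule["name"], src))
    return findings

# Constructed sample rules (hypothetical names, tag "arova" is an assumption).
SAMPLE_RULES = [
    {"name": "allow-iap-443", "direction": "INGRESS", "sourceRanges": ["35.235.240.0/20"],
     "targetTags": ["arova"], "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]},
    {"name": "allow-web-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "targetTags": ["arova"], "allowed": [{"IPProtocol": "tcp", "ports": ["80-8443"]}]},
    {"name": "allow-prod-all", "direction": "INGRESS", "sourceRanges": ["10.10.0.0/16"],
     "allowed": [{"IPProtocol": "all"}]},
    {"name": "allow-ssh", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "targetTags": ["arova"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
]
```

Rules scoped only by target service account or source tag are not modelled here; the former are reported conservatively as applying to every instance.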

Also see:

    • Getting Started
    • Google Cloud Engine Prerequisites