Hello Joshua,
App Engine uses ephemeral IP’s, so a purely “firewall based solution” might not be the most efficient solution in your case. But there are other ways that a solution could be developed. As per your requirement is concerned, the closest method to what you have described can be found in this article <https://cloud.google.com/appengine/docs/standard/python/creating-firewalls#allowing_requests_from_your_services>. Your back-end services will automatically deny-all except URL fetch from your own front end service. Depending on your setup, you can simply implement authentication for your backend services <https://cloud.google.com/appengine/docs/standard/python/getting-started/authenticating-users> by requiring login in the URL handler <https://cloud.google.com/appengine/docs/standard/python/config/appref#handlers_element>. You can use “admin” login restriction to make only the people in the project to have access to your backend. You can understand more about how services work on App Engine <https://cloud.google.com/appengine/docs/standard/python/microservices-on-app-engine#app_engine_services_as_microservices> by crafting your own solution if desired. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/5cbbcab8-b804-4293-a84b-6d239a96f50d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.