Hi, If you would like to protect certain "App Engine" services from outside invocation, I would recommend using '' Google Cloud Identity Aware Proxy'. Identity-Aware Proxy (IAP) lets you manage who has access to services hosted on App Engine. You can turn on IAP and this will allow only members listed in the permission panel to access your App Engine Services.
[1].https://cloud.google.com/iap/docs On Wednesday, March 18, 2020 at 11:22:14 AM UTC+1, Serhii Diukarev wrote: > > Dear Sir/Madam, > > I am developing a web service(server) for my web application. After > looking at every amazing Google Cloud product, I am thinking of doing the > following to have a secure server on Google Cloud: > > 1. I want to be able to protect (certain) "App Engine" services from > outside invocation. Add security specifications in Cloud Services to allow > only my app request endpoints. My app running on a node.js server on > Google > App Engine > 2. I want to be able to make requests from "Cloud Tasks" en "Cloud > Scheduler" to 'protected' "Cloud function" AND "AppEngine" endpoints from > within the Google network. > > I looking forward to receiving your response! > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/840ce4bf-51ef-41f9-bf0a-0a1ed1a87521%40googlegroups.com.
