We have a frontend service (Default Service [Module]) and several backend
Services that should only be accessed by that frontend service, and not
from outside the GCP, e.g. from a browser.
What is the recommended firewall approach to that?
One of these?
- GCP Firewall rules that only allow access to the backend Service from
the given frontend Service?
- Not sure that per-Service control is supported by this Firewall.
- GCP Firewall rules that allow outside access to the entire Project
only through Port 80/443; the backend Services use a *different* port so
that they are inaccessible from the outside?
- This approach is commonly used with GKE.
- Something with VPCs?
-
--
*JOSHUA FOX*
Director, Software Architecture | Freightos
*T (Israel): *+972-545691165 | *T (US)*: +1-3123400953
Smooth shipping.
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to google-appengine+unsubscr...@googlegroups.com.
To post to this group, send email to google-appengine@googlegroups.com.
Visit this group at https://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/CAD%3DB7cNZph0Kon355b8Kzrb__UhDo5Qs1VW%2BL%3DzC9yyUVN18SA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
