How to filter inbound traffic for GCP CDN?

Question

I have a very basic question about cdn service in gcp. I need to allow just some ips in inbound and deny all the other traffic. How I can achieve this feature? just to know, the cdn will use a backend bucket service.

I've already tried gcp armor but for HTTP(S) load balancer it does not work. Then, what is the right component in the gcp stack?

Thank you in advance for your time.

score 1 · Answer 1 · answered May 16 '20 at 09:29

1

Cloud Armor for Cloud CDN is available now as mention here. It's only available for backend services now. For backend buckets, there seems to be no timeline on that.

answered May 16 '20 at 09:29

Tranvu Xuannhat

524
3
6

score 0 · Answer 2 · answered Apr 17 '19 at 15:48

0

In the documentation says:

Cloud Armor security policies and IP deny list/allow list are not supported for Cloud CDN. If you try to associate a Cloud Armor Security Policy for a backend service and Cloud CDN is enabled, the config will be rejected. Similarly, if you attempt to enable Cloud CDN for a backend service that has an associated Cloud Armor security policy, the configuration process will fail.

Also there is a Feature Request already present.

answered Apr 17 '19 at 15:48

Albert Sunyer

83
10

Thank you Albert, do you have any eta for this feature request? – PistolPete Apr 17 '19 at 15:59
Usually there is no ETA for this kind of request, since they need to be evaluated. Also since there is no ETA, maybe we should mark the answer as done. – Albert Sunyer Apr 18 '19 at 10:24

How to filter inbound traffic for GCP CDN?

2 Answers2