If I implement a load balanced to have my domain. how do i block the automatically generated url for my api gateway?

Question

I am implementing security to my Cloud Run services through an Api Gateway NEG and a load balanced I need block the automatically generated url for my api gateway so that they only access my services through the load balanced

From what I understand Cloud Armor can only be used with the load balancer and not directly with the APi gateway.

score 0 · Answer 1 · answered Jun 14 '23 at 17:20

0

You need to set the ingress for your services to "Internal and Load Balancing only". You can do this in the Google Console:

Or, if you use Terraform by adding:

  metadata {
    annotations = {
      "run.googleapis.com/ingress" = "internal-and-cloud-load-balancing"
    }

  }

to the top level in your terraform resource.

answered Jun 14 '23 at 17:20

Mirco

2,940
5
34
57

1

Of course, but the issue is that I have an Api Gateway that contains my routes from my Cloud Runs. I do not have my load balancer configured with a Cloud run NEG but with an api gateway one. What I want to block is the autogenerated url for the api-gateway. – Matias Galdames Jun 15 '23 at 05:21

If I implement a load balanced to have my domain. how do i block the automatically generated url for my api gateway?

1 Answers1