How to restrict public access to google app engine flexible environment?

11 views

Skip to first unread message

essis via StackOverflow

unread,

May 17, 2017, 1:23:05 AM5/17/17

to google-appengin...@googlegroups.com

I have many microservices in app engine only for internal use. But, by default, app engine opens service-project.appspot.com domain to public, and anyone can access them via http or https. Is there a way to restrict access only for certain IP address?

The trivial way i can think of is checking source IP address in application code. Or, I can create custom docker image with nginx configuration which checks source ip address. But, these are not quite clean solutions because access control is actually independent from application, and I don't want to hard code static IP address inside the container.

I assumed there is a way to setup firewall rule for app engine, but I could not find it. Identity-Aware Proxy seems like another option, but it is not available for app engine flex.

Please DO NOT REPLY directly to this email but go to StackOverflow:
http://stackoverflow.com/questions/44016191/how-to-restrict-public-access-to-google-app-engine-flexible-environment

Reply all

Reply to author

Forward

0 new messages