Cloud Armour only take traffic from non cdn https lb and on top of that backend service supported by https LB are MIG, IG, Neg and Bucket. Hence its not possible to use HTTPS with app engine
I wonder if it is possible to use Cloud Armor with GAE Flex? Because in Cloud Armor's documentation, it says that you have to use an HTTPS Load Balancer. Since GAE Flex doesn't have a load balancer, how can we use Cloud Armor with GAE Flex? We have to use a WAF to prevent DDOS attacks. Is it possible to use Cloud Armor with GAE Flex through HTTPS Load Balancer? If so, can you explain how I can achieve this goal?
Thank you.
Cloud Armour only take traffic from non cdn https lb and on top of that backend service supported by https LB are MIG, IG, Neg and Bucket. Hence its not possible to use HTTPS with app engine
Cloud Armour only take traffic from non cdn https lb and on top of that backend service supported by https LB are MIG, IG, Neg and Bucket. Hence its not possible to use HTTPS with app engine
As per document 1 the only backends supported by HTTP(S) Load Balancer are: MIG, IG, NEGs and storage buckets. Hence, it's not possible to use App Engine Flex with the HHTP(S) Load Balancer.
An HTTP load balancer can only be used for Managed Instance Groups, Instance Groups, Network Endpoint Groups, and Storage Buckets. So you won’t be able to use an HTTP load balancer with App Engine Flex.
However, there are many other options for securing an App Engine application. You can use an App Engine Firewall 2 rule to keep out all traffic except a single service 3 . App Engine also sits behind the Google front-end, which absorbs many basic attacks like SYN floods, IP fragment floods, or port exhaustion. I’m also sending you a document on our best practices for preventing DDOS attacks 4.