Google Cloud Armor Rules

Question

Google Cloud Armor Rules

argidenise opened this issue 2 years ago · 3 comments

Hi Ayaka,

I want to self-host my own API endpoint, please kindly share what Google Cloud Armor rules did you use?

Thank you.

Answer 1 · 2023-03-14T15:30:35.000Z

Note that the second and the third rules are not safe at all, because simply changing the "User-Agent" header will bypass them. However, the rules are set to show that developers should use this API appropriately and should not use programming methods to call this API on a large scale. Otherwise the free API will be exhausted very quickly.

Answer 2 · 2023-03-14T15:42:32.000Z

Thank you! I have successfully created the rules, may I know how to connect this to my Cloud Run? I have been trying :(

Answer 3 · 2023-03-14T16:02:58.000Z

Yes, I also think the setup is confusing :(

In Load balancing, create a load balancer.

In Cloud Armor - "Apply policy to targets", apply to the load balancer we've just created.

If you are willing to contribute, feel free to create a PR with the steps for the configuration!