Set Up Google Cloud Armor to Secure your Website. Cloud Armor is a distributed service which is supported with Global HTTP(S) Load Balancer to provide built-in defenses against infrastructure DDoS attacks.

It will also scale up based on your traffic. You can also build your custom rules to protect your application.

Permit or block your incoming traffic based on IP addresses or ranges using allow lists and deny lists.

You can also use Cloud Armor’s flexible rules language to customize your defenses and mitigate multivector attacks. It also provides predefined rules to defend against cross-site scripting (XSS) and SQL injection (SQLi) application-aware attacks.

Prerequisites

  1. Project on Google Cloud with billing enabled.
  2. Load Balancer Set Up on Google Cloud.

Set Up Cloud Armor

Go to your Google Cloud Console and navigate to Network Security >> Cloud Armor.

Click Create policy.

Cloud Armor Create policy

Create Cloud Armor Security Policy

To create Cloud Armor security policies and rules and attach the Cloud Armor security policy to a target:

Fill all the details in the Create policy page.

Configure Policy

  • In the Name field, type the name of your policy.
  • Optionally, type a description of the policy.
  • Choose Allow or Deny for the default rule.

If you are creating a Deny rule, choose the Deny status. This is the error message that will be displayed if a user without access tries to gain access.

Click Next Step.

Configure Policy

Add more rules

  • Optionally, type in a Description of the rule.
  • In the Match field, type in from one (1) to five (5) IP address ranges to match in the rule.
  • Choose Allow or Deny, depending on the type of rule you are creating.
  • To enable the rule, check Enable. Otherwise, you will see the preview of how the rule behaves.
  • Type the rule’s Priority. This can be any positive integer from 0 to 2,147,483,647, with 0 being the highest priority.
  • Click Done.
  • To add additional rules, click Add rule. Otherwise click Next step.
Add more rules

Apply Policy to Targets

Now you can apply the policy the targets.

Apply Policy to targets
  • Click Add target.
  • Select a Target from the drop-down list.
  • To add more targets, click Add target.
  • Click Done.
  • Click Create policy.

Conclusion

Now you have learned how to secure your website on Google Cloud Platform with Cloud Armor from DDoS, SQLi, Multiverctor attacks.

If you have anything to discuss please post your comment below. Thank you!

Write A Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Like this post...

Signup for FREE Cloudbooklet Newsletter
SUBSCRIBE
close-link
Please help us get 1000 likes in Facebook. Thank You!
LIKE NOW

Stay Connected!

Get latest tutorials on Google Cloud and Open Source topics
SUBSCRIBE
close-link