🛡 Welcome back to Go Deep with Google Cloud Armor! What questions do you have about Cloud Armor? While you’re here, be sure to subscribe for future episodes! → goo.gle/GoogleCloudTech
Anyone have any recommendations on how to create path based rules for cloud armor? I'm working on a project where the aim is to create path based rules that search for a phrase listed in a text file that I created by SSHing into a vm attached to my load balancer. No matter how I write the rules or set the priority I cannot get any rule to work. I've tried adjusting every aspect of the rule to make it function and I've got nothing. I tried creating new policies, no dice. At this point I just have to walk away to preserve the shrivel of sanity I have left. Any suggestions before I YEET my computer out a window?
The last rule "iplist-tor-exit-nodes", the action is set to deny with 403 (forbidden), but the test received 404 response, and the log also shows a 404. can you help to understand this part?
I am trying to geofence my loadbalancer from 18 countries. I can seem to use CEL expression for 18 countries. gives me "1:1: Expression count of 6 exceeded maximum of 5 expressions." error. How can I implement geofencing with cloud armour?
You need to expose the VM not through an external ip address, but adding it to a instance group (you have to decide either managed or unmanaged, depending on your workload), and then exposing that group via a LB
Go to cloud armor policies screen. Select the policy and delete. Alternatively if you want to remove policy for particular target then simply select the policy go to the target option above rules table and delete the target.
🛡 Welcome back to Go Deep with Google Cloud Armor! What questions do you have about Cloud Armor? While you’re here, be sure to subscribe for future episodes! → goo.gle/GoogleCloudTech
Nice
You should mention, that you need to enable logs level to VERBOSE, to see that kind of details in logs
Hi Cezary thanks for the comment. Yes verbose logging is required to view details of preconfigured WAF logging
Rate limiting have a limitation of 1000 QPM so no one would apply that small value of rate limiting.
Anyone have any recommendations on how to create path based rules for cloud armor? I'm working on a project where the aim is to create path based rules that search for a phrase listed in a text file that I created by SSHing into a vm attached to my load balancer. No matter how I write the rules or set the priority I cannot get any rule to work. I've tried adjusting every aspect of the rule to make it function and I've got nothing. I tried creating new policies, no dice. At this point I just have to walk away to preserve the shrivel of sanity I have left. Any suggestions before I YEET my computer out a window?
The last rule "iplist-tor-exit-nodes", the action is set to deny with 403 (forbidden), but the test received 404 response, and the log also shows a 404. can you help to understand this part?
If it's possible to restrict ip address, but not affecting the URL communication?
I am trying to geofence my loadbalancer from 18 countries. I can seem to use CEL expression for 18 countries. gives me "1:1: Expression count of 6 exceeded maximum of 5 expressions." error. How can I implement geofencing with cloud armour?
Hi, how to add a load balancer to for my VM?
You need to expose the VM not through an external ip address, but adding it to a instance group (you have to decide either managed or unmanaged, depending on your workload), and then exposing that group via a LB
Yes.
Thanks
How to disable cloud armor?
Go to cloud armor policies screen. Select the policy and delete. Alternatively if you want to remove policy for particular target then simply select the policy go to the target option above rules table and delete the target.
cloud armour rules for facebook sharing
15:42 duckduckgo ad within a gcp vid :)