I have a public HTTP API service running in a GKE and am considering using Cloud Tasks with an HTTP target endpoint. I know that securing those via eg oidc tokens is the preferred way but I’m wondering anyway if it would be possible to somehow allow access to this route (set of routes) for only Cloud Tasks calls. As far as I can tell, there is no set of IPs I could whitelist so I’m wondering if there is another way to make it behave as if it’s happening in an internal network. Alternatives and/or suggestions welcome.
Configuring GKE ingress to allow only Google requests (Cloud Tasks)
220 Views Asked by tkroman At
0
There are 0 best solutions below
Related Questions in GOOGLE-CLOUD-PLATFORM
- Google Logging API - What service name to use when writing entries from non-Google application?
- Custom exception message from google endpoints exception
- Unable to connect database of lamp instance from servlet running on tomcat instance of google cloud
- How to launch a Jar file using Spark on hadoop
- Google Cloud Bigtable Durability/Availability Guarantees
- How do I add a startup script to an existing VM from the developer console?
- What is the difference between an Instance and an Instance group
- How do i change files using ftp in google cloud?
- How to update all machines in an instance group on Google Cloud Platform?
- Setting up freeswitch server on Google cloud compute
- Google Cloud Endpoints: verifyToken: Signature length not correct
- Google Cloud BigTable connection setup time
- How GCE HTTP Cross-Region Load Balancing implemented
- Google Cloud Bigtable compression
- Google cloud SDK code to execute via cron
Related Questions in GOOGLE-KUBERNETES-ENGINE
- Cannot access google cloud SQL from google container engine
- Cluster communication and firewalls in Google Container Engine
- Google Container Engine (GKE): "Hello Wordpress" tutorial not working (ERR_CONNECTION_REFUSED)
- Setting up continuous deployment to Google Compute Engine running Kubernetes
- Does Google Container Registry undergo issues?
- How to mount volume for docker container via yaml manifest?
- LogSeverity on aggregated logs in Google Container Engine
- How do I permanently edit cluster/saltbase/pillar/privilege.sls to allow_privledged with Google Container Engine?
- Static outgoing IP in Kubernetes
- Docker container curl to web
- enable stackdriver monitoring agent google container engine clusters on gci image
- Networking between flex environment app engine and cluster engine?
- Set vm.max_map_count on cluster nodes
- How to reduce nodes(vm) running in a Kubernetes cluster of GKE gracefully?
- Google Container Engine StatefulSets in kubernetes 1.5.1 don't seem to work
Related Questions in GOOGLE-CLOUD-TASKS
- How to scale Bulk Scheduled tasks on a Timeline in GCP?
- Google Cloud Tasks availability in asia-southeast1
- Check if Cloud Task Queue is empty
- Queue large number of tasks from Google cloud function
- Google Cloud Tasks trigger Cloud Function with INTERNAL only ingress
- Permission dennied when getting authed_session
- Permission denied on CloudTasksClient.create_task
- Firebase gen 2 task (cloud run) concurrency appears to have no effect
- Google cloud tasks fails to invoke cloud function: PERMISSION_DENIED(7): HTTP status code 403
- Infinite retries in Cloud Tasks after installing Cloud Load Balancing/ GAE/Go
- Google Cloud Platform: Cloud Functions and Cloud Tasks doesn't work with authorized service account email
- ImportError: cannot import name 'tasks_v2' from 'google.cloud'
- Google cloud task or cloud Scheduler
- Is it possible to simulate a Google Cloud Task locally?
- Alternative to Cloud Tasks / Cron / Task Queue on CGP in Python 3 that doesn't have a 10 minute timeout
Related Questions in GKE-NETWORKING
- Calling an application outside cluster from a pod
- Has anyone identified a good solution for iPv6 in GKE, Google Game Servers, or Agones?
- GKE Kubernetes network policy allowing other node IPs
- Loading certificate to GKE service
- Installing Istio in GKE
- How to expose GKE TCP services with SSL termination at cluster edge and client cert auth
- In GKE, can we specify the zone or region of a persistent volume when we create it through a PVC object
- GKE workload identity with spring boot
- unable to reach to my gke pods using internal loadbalancer in gcp through port 8080
- Multi Cluster Service setup has not working as expected
- GKE node upgrade stuck "Error 400: Cluster is running incompatible operation operation"
- How many addresses are used for Pods on creating routes-based clusters in GKE?
- Unable to port-forward in private GKE cluster
- GKE ingress modify existing hosts/paths
- GKE ingress Https Redirect - FrontendConfig not recognized
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?