I have a public HTTP API service running in a GKE and am considering using Cloud Tasks with an HTTP target endpoint. I know that securing those via eg oidc tokens is the preferred way but I’m wondering anyway if it would be possible to somehow allow access to this route (set of routes) for only Cloud Tasks calls. As far as I can tell, there is no set of IPs I could whitelist so I’m wondering if there is another way to make it behave as if it’s happening in an internal network. Alternatives and/or suggestions welcome.
Configuring GKE ingress to allow only Google requests (Cloud Tasks)
221 views Asked by tkroman At
0
There are 0 answers
Related Questions in GOOGLE-CLOUD-PLATFORM
- Why do I need to wait to reaccess to Firestore database even though it has already done before?
- Unable to call datastore using GCP service account key json
- Troubleshooting Airflow Task Failures: Slack Notification Timeout
- GoogleCloud Error: Not Found The requested URL was not found on this server
- Kubernetes cluster on GCE connection refused error
- Best way to upload images to Google Cloud Storage?
- Permission 'storage.buckets.get' denied on resource (or it may not exist)
- Google Datastream errors on larger MySQL tables
- Can anyone explain the output of apache-beam streaming pipeline with Fixed Window of 60 seconds?
- Parametrizing backend in terraform on gcp
- Nonsense error using a Python Google Cloud Function
- Unable to deploy to GAE from Github Actions
- Assigned A record for Subdomain in Cloud DNS to Compute Engine VM instance but not propagated/resolved yet
- Task failure in DataprocCreateClusterOperator when i add metadata
- How can I get the long running operation with google.api_core.operations_v1.AbstractOperationsClient
Related Questions in GOOGLE-KUBERNETES-ENGINE
- Golang == Error: OCI runtime create failed: unable to start container process: exec: "./bin": stat ./bin: no such file or directory: unknown
- Kubectl command throws error when executed from python script but manual execution works fine
- Unable to add TLS certificate to GKE from Google Secret Manager
- GKE Clusters no indication within metrics or logs after failure
- Getting connection refused to Private GKE Internal point. Autopilot private cluster
- Can I have the Google managed service range on a standard gke cluster created with Terraform- non auto-pilot
- Configure Lens with GKE cluster - gke_gcloud_auth_plugin issue
- Having issues joining my kubernetes worker noed to a controller node
- How to deploy airflow in kubernetes cluster that uses istio
- GKE cluster shutdown
- Artifactory 404 error from virtual repository where docker pulls fine but crictl does not
- Scraping from Mexico in GCP EKG?
- not able to connect via cloud sql proxy
- SQL connection throws error when adding DistributedSession, SessionMiddleware
- CronJob pod repeats pending forever even after deleting it
Related Questions in GOOGLE-CLOUD-TASKS
- How can I improve concurrent message processing with Google Task Queue?
- Google cloud task unreliable / UNUSABLE
- How can I see executed Google Cloud task and whether they failed or succeeded
- Authorizing endpoint for Cloud Tasks
- How to reschedule a task with Google Cloud Tasks
- CloudTasksClient causing error when instantiated in Firebase Function's onDocumentCreated
- Get tasks for queue using CloudTasksClient
- Host with self-signed certificate as a target of Google Cloud Tasks
- @Google-cloud/task module not found (pnpm)
- How to properly use a custom service account with Firebase and Google Cloud Platform together
- Cloud Tasks cannot invoke Cloud Function using deterministic URL
- Infinite retries in Cloud Tasks after installing Cloud Load Balancing/ GAE/Go
- Firebase gen 2 task (cloud run) concurrency appears to have no effect
- Google cloud tasks fails to invoke cloud function: PERMISSION_DENIED(7): HTTP status code 403
- Permission denied on CloudTasksClient.create_task
Related Questions in GKE-NETWORKING
- Accessing Private GKE control plane from a self-hosted GH Actions runner
- GKE Gateway GCPBackendPolicy
- Usage of Multiple Egress IPs in Google Cloud NAT Setup
- GKE Autopilote EgressNATPolicy with terraform
- Getting error while creating a GKE Auto pilot cluster with shared VPC
- Disk pressure on nodes
- Cannot create a cluster: 0 nodes registered
- cert-manager not resolving challenge : Waiting for HTTP-01 challenge propagation: wrong status code '401', expected '200'
- GKE AUTOPILOT CLUSTER CREATION : pod cidr range restricted to /8 to /22.Can this be modified
- Unable to port-forward in private GKE cluster
- How many addresses are used for Pods on creating routes-based clusters in GKE?
- GKE node upgrade stuck "Error 400: Cluster is running incompatible operation operation"
- Multi Cluster Service setup has not working as expected
- unable to reach to my gke pods using internal loadbalancer in gcp through port 8080
- GKE workload identity with spring boot
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)