This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Is there any way to block the non domain calls using cloud armor on external load balancer?

Posted on 12-06-2023 10:24 AM
anilmoregfs
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

Is there any way to block the non-domain calls using cloud armor on an external load balancer?
I have tried request.headers['host'].lower() != "mycompany.com' but still there are calls coming 

I am looking for something like

request.URL.lower() != 'mycompany.com'

2 1 859
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @anilmoregfs ,

The correct YAML should look like this :

- versionedExpr:
version: 1
expr:
- not:
expr:
- equals:
exprValues:
- destinationIp: "::/0"
ipPort: 80
ports:
- 80
protocol: TCP
matchers:
- stringMatch:
config:
expectMatch: false
expr: "mycompany.com"
negateMatch: true
regexMatch: false
textName: "request.headers['host'].lower()"

 Use the expr field to define custom expressions for matching requests.

Top Labels in this Space
Top Solution Authors
View all