
Secure web proxy - policies

Can someone please explain to me the following table:

Especially the legend below the table:

* Not supported by Google Cloud.
† Source IP address is unique and can be used instead.

What does the following even mean:

Source IP address is unique and can be used instead.

 


Hi @mountaincode2,

Welcome to Google Cloud Community!

To identify the traffic source, Secure Web Proxy uses attributes such as service accounts, Tags, and IP addresses. So, from the statement "† Source IP address is unique and can be used instead", specifically for the Serverless VPC Access connector, the traffic source would be the source IP addresses.

This example explains the use of assigned IP addresses for the Serverless VPC Access connector. The connector handles sending and receiving both the requests and responses directly from the assigned IP addresses. Configure Cloud Run to use a connector.

For the types of networks you can reach using Serverless VPC Access, this table is provided for your reference.

Setting up a secure web proxy on a Serverless VPC Access connector involves configuring a VPC, deploying a proxy server, and configuring your serverless services to route traffic through that proxy. This setup ensures that all outgoing requests from serverless environments are securely routed through the proxy, and allows you to manage internet access or internal service access securely.

You can find additional details in the article "What is the Secure Web Proxy on Google Cloud?" by JK Gunnink.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.
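
The distinction discussed above, as an added example that is not part of the original thread or of Google's documentation: two Secure Web Proxy policy rules, one matching a VM source by service account and one matching a Serverless VPC Access connector by the source IP range of its subnet. The project, region, policy name, service account and IP range are placeholders chosen for illustration.

```yaml
# Constructed example. PROJECT_ID, REGION, policy1, app-sa and 10.8.0.0/28
# are placeholders, not values taken from this thread.

# Rule 1: the source is a VM, so its attached service account can
# identify it in the session matcher.
name: projects/PROJECT_ID/locations/REGION/gatewaySecurityPolicies/policy1/rules/allow-vm-by-sa
description: Allow example.com for workloads running as app-sa
enabled: true
priority: 10
basicProfile: ALLOW
sessionMatcher: "source.matchServiceAccount('app-sa@PROJECT_ID.iam.gserviceaccount.com') && host() == 'example.com'"
---
# Rule 2: the source is a Serverless VPC Access connector. Service account
# and tag matching are not available for it, but the connector sends traffic
# from its own /28 subnet, so that range identifies the source instead.
name: projects/PROJECT_ID/locations/REGION/gatewaySecurityPolicies/policy1/rules/allow-connector-by-ip
description: Allow example.com for traffic leaving the serverless connector
enabled: true
priority: 20
basicProfile: ALLOW
sessionMatcher: "inIpRange(source.ip, '10.8.0.0/28') && host() == 'example.com'"
```

Every serverless service routed through the same connector shares that source range, so rule 2 applies to all of them; use a separate connector where services need different egress policies.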

Hi @diannemcm 

Thank you for that great deconstruction.

But I have a follow-up query. What does the second table on that page related to VPC architectures indicate? I am not sure I understand that.

Hi @mountaincode2,

The table shows that source identity-based security policies are widely supported across various VPC network configurations when using Secure Web Proxy policies. These policies are applicable to both cross-VPC and within VPC traffic.

Within VPC - Indicates that the traffic is coming from within the same Virtual Private Cloud where the Secure Web Proxy is deployed.

Cross VPC - shows that a different Virtual Private Cloud than the one hosting the Secure Web Proxy is the source of the traffic. 

VPC architecture - describes the specific network configuration or type of connection used.

Example: 

Within VPC - Cross project (Shared VPC)

  • The traffic is originating from a resource in the same VPC, but in a different project under the same organization.

Within VPC - Cross region

  • The traffic source is in the same VPC, but is located in a different region from the Secure Web Proxy.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.