This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
The Google Cloud Community will be in read-only from July 16 - July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Adding rate-limiting to our Cloud Run HTTP APIs

Posted on 05-19-2022 04:51 AM
nifk01
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Hello.

We use Cloud Run to spin up a bunch of HTTP servers, that all receive traffic from our user's via Fastly. Now we want to implement rate-limiting based on IPs of our clients, in order to prevent resource starvation.

I was researching how people regularly do this on GCP, but couldn't find any helpful resources. I've seen people recommending various different solutions: Load Balancer, Cloud Endpoints, Cloud Armor, Apigee etc.

What would be the easiest way to do this? We'd like to ideally avoid keeping the state ourselves (i.e. Redis).

P.S. For various reasons, we can't do it in Fastly.

2 1 2,507
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
JGerman23
Former Googler
Reply posted on --/--/---- --:-- AM

Reviewing for the options you mentioned, as a recommendation I can suggest you to use Cloud Armor.

Cloud Armor works with the Google Cloud HTTP Load Balancer to inspect incoming traffic for malicious requests. This service's rate restriction functionality allows you to restrict traffic to backend resources based on request volume, preventing unwanted traffic from using resources on your VPC network.

Here are two guides you can follow for practicing:

Codelabs - Rate-Limiting with Cloud Armor.

Cloud Self-Paced - Rate Limiting Cloud Armor.

Top Solution Authors
View all