This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Cloud Run control SSL policy

Posted on 05-02-2023 06:19 PM
henrytrang
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi my team has specific SSL requirements and we use Cloud Runs extensively. I was wondering if there is a way for Managed Cloud Runs to accept only TLS 1.2 and TLS 1.3 handshakes without much configuration.

I am aware that one of the ways we could go about this is to put a Google Load Balancer in front of the Cloud Runs, but if we could get away with not adding more infrastructure to our tech stack, that would be preferred. 

Does anybody know if we can get Cloud Runs to accept only modern TLS handshakes without adding a load balancer in front?

1 1 1,966
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
Marramirez
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Hi @henrytrang ,

Welcome to the Google Cloud Community!

When defining an SSL policy, you specify a minimum TLS version and a profile. This profile then selects a set of SSL features to enable in the load balancer. There are other Google-managed profiles (COMPATIBLE, MODERN, RESTRICTED, CUSTOM). All of these profiles use the load balancer. Even when not selecting a profile, the load balancer uses a default SSL Policy. 

See documentation here

Let me know if it helped, thanks!

0 Likes