How to Create a Cloud Armor Security Policy on Google Cloud Platform

Google Cloud Armor security policies enable you to allow or deny access to your external HTTP(S) load balancer at the Google Cloud edge, as close as possible to the source of incoming traffic. This prevents unwelcome traffic from consuming resources or entering your Virtual Private Cloud (VPC) networks.

 

  • Log in to the Google Cloud Platform portal.
  • Click on Network Security.
  • Select Cloud Armor.

 

Fig 1

 

  • Click on Create Policy.

 

Fig 2

 

  • Provide Policy name.
  • Select Default Rule action: Allow or Deny (Default).
  • Select Deny status 404.
  • Click on Next step.

 

Fig. 3

 

  • If you need to add more rules, click on Add rule.

 

Fig. 4

 

  • Select Mode: Basic or Advanced mode.
  • Provide IP address for Match.
  • Select Action: Allow or Deny. Click on Allow.
  • Provide Priority.
  • Click on Done.
  • Click on Next step.

 

Fig. 6

 

  • We can configure Target after the policy is created.
  • Click on Next step.

 

Fig. 7

 

  • To enable Adaptive Protection, check the Enable check box.
  • Click on Done.
  • Then click on Create Policy.

 

Fig. 9

 

  • After some time the policy is ready; then go to the Cloud Armor home page.
  • The Cloud Armor policy is there with the name we provided.

 

Fig 10

 

 

Create a Cloud Armor policy using Shell.

 

Fig 11
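
The console steps above expressed as gcloud commands, as an added example that is not from the original page. The policy name, source range and priority are constructed placeholders, the deny-404 default is assumed from the "Deny status 404" step, and the script only prints the commands unless DRY_RUN=0 is set.

```shell
#!/bin/sh
# Added example, not from the original page. Values below are placeholders.
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the gcloud commands, 0 = execute them

run() {
  if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# Accept only well-formed IPv4 CIDRs with a prefix of /1 to /32. A /0 range
# matches every client, so allowing it would bypass the default deny rule.
valid_allow_range() {
  echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
  len="${1#*/}"
  [ "$len" -ge 1 ] && [ "$len" -le 32 ] || return 1
  for octet in $(echo "${1%/*}" | tr '.' ' '); do
    [ "$octet" -le 255 ] || return 1
  done
}

create_cloud_armor_policy() {
  policy="$1"; range="$2"; priority="$3"
  if ! valid_allow_range "$range"; then
    echo "refusing allow range: $range" >&2
    return 1
  fi
  run gcloud compute security-policies create "$policy"
  # Default rule sits at the lowest priority (2147483647): deny with HTTP 404.
  run gcloud compute security-policies rules update 2147483647 \
    --security-policy "$policy" --action deny-404
  # Basic-mode rule: allow one source range at the chosen priority.
  run gcloud compute security-policies rules create "$priority" \
    --security-policy "$policy" --src-ip-ranges "$range" --action allow
  # Adaptive Protection, the "Enable" check box in the console.
  run gcloud compute security-policies update "$policy" \
    --enable-layer7-ddos-defense
  # Review the resulting rules before attaching the policy to a target, e.g.
  # gcloud compute backend-services update BACKEND --security-policy NAME --global
  run gcloud compute security-policies describe "$policy"
}

# 203.0.113.0/24 is a documentation range (TEST-NET-3), used as sample input.
create_cloud_armor_policy "${POLICY:-example-policy}" \
  "${ALLOW_RANGE:-203.0.113.0/24}" "${PRIORITY:-1000}"
```
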

 
