Cloud Armor

Definition

Cloud Armor is a Google Cloud Platform (GCP) security service that protects applications behind Google Cloud load balancers against distributed denial-of-service (DDoS) attacks and other web-based threats. Filtering happens at the edge of Google's global infrastructure, so it scales with Google's capacity rather than the application's. It is configured through security policies: ordered lists of rules, each with a numeric priority, a match condition and an action (for example allow, or deny with a chosen HTTP status), evaluated from the lowest priority number upward with the first matching rule deciding the request. Match conditions can be source IP ranges, the geographic origin of the request, or Layer 7 request attributes (headers, paths and other request fields) expressed in Cloud Armor's custom rules language, and preconfigured WAF rules are available for common attack classes such as SQL injection and cross-site scripting. A policy only takes effect once it is attached to the backend service of a Google Cloud load balancer, and every policy ends in a default rule that decides the fate of traffic no other rule matched.

Secure Settings Example

Rules are evaluated in ascending priority order and the first match wins, so the priorities and the default rule (priority 2147483647, matching every source) are part of what makes this policy secure. Without an explicit default deny, a client that is on neither list is still admitted by the policy's default rule, which allows traffic unless it has been changed.

securityPolicy:
  name: "secure-policy"
  description: "Security policy to protect against common threats"
  rules:
    # Lowest number is evaluated first: known-bad sources are rejected before anything else
    - priority: 1000
      action: "deny(403)"
      description: "Deny traffic from known malicious IPs"
      match:
        versionedExpr: "SRC_IPS_V1"
        config:
          srcIpRanges: ["203.0.113.0/24", "198.51.100.0/24"]
    - priority: 2000
      action: "allow"
      description: "Allow traffic from trusted IPs"
      match:
        versionedExpr: "SRC_IPS_V1"
        config:
          srcIpRanges: ["192.0.2.0/24"]
    # Default rule: evaluated last and must match every source ("*"; 0.0.0.0/0 covers IPv4 only)
    - priority: 2147483647
      action: "deny(403)"
      description: "Default rule: deny everything not explicitly allowed"
      match:
        versionedExpr: "SRC_IPS_V1"
        config:
          srcIpRanges: ["*"]

Insecure Settings Example

A policy containing this rule, or one whose default rule is left at the allow action a newly created policy starts with, filters nothing: the allow matches every IPv4 client before any deny or WAF rule with a higher priority number can be evaluated, so those later rules are dead configuration.

securityPolicy:
  name: "insecure-policy"
  description: "Security policy with overly permissive rules"
  rules:
    # Matches every IPv4 source first; every rule with a higher priority number is unreachable
    - priority: 1000
      action: "allow"
      description: "Allow all traffic"
      match:
        versionedExpr: "SRC_IPS_V1"
        config:
          srcIpRanges: ["0.0.0.0/0"]
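To make the evaluation order and the role of the default rule concrete, the following is an added example (not Google's code and not part of the original page) that simulates Cloud Armor's first-match-by-priority evaluation over the two policies above and runs a few static checks a reviewer would want before attaching a policy to a backend service. The wildcard `*` and the default-rule priority 2147483647 are Cloud Armor's own conventions; the rule priorities 1000 and 2000, the client address 10.20.30.40 and the `find_issues` checks are assumptions made for this example.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Cloud Armor gives the mandatory default rule the largest int32 priority, so it runs last.
DEFAULT_RULE_PRIORITY = 2147483647


@dataclass(order=True)
class Rule:
    """One SRC_IPS_V1 rule: an action applied to a list of source CIDR ranges."""
    priority: int
    action: str = field(compare=False)            # "allow" or e.g. "deny(403)"
    src_ip_ranges: List[str] = field(compare=False)
    description: str = field(compare=False, default="")

    def matches(self, client_ip: str) -> bool:
        ip = ipaddress.ip_address(client_ip)
        for cidr in self.src_ip_ranges:
            if cidr == "*":                       # wildcard used by the default rule
                return True
            net = ipaddress.ip_network(cidr, strict=False)
            # Ordinary CIDR semantics: an IPv4 range never contains an IPv6 client.
            if ip.version == net.version and ip in net:
                return True
        return False


def evaluate(rules: List[Rule], client_ip: str) -> Tuple[Optional[str], str]:
    """First matching rule in ascending priority order wins, as in Cloud Armor."""
    for rule in sorted(rules):
        if rule.matches(client_ip):
            return rule.action, rule.description
    return None, "no rule matched: this policy fragment has no default rule"


def _covered(inner: str, outer: str) -> bool:
    """True if every address in `inner` is also in `outer`."""
    if outer == "*":
        return True
    if inner == "*":
        return False
    a = ipaddress.ip_network(inner, strict=False)
    b = ipaddress.ip_network(outer, strict=False)
    return a.version == b.version and a.subnet_of(b)


def find_issues(rules: List[Rule]) -> List[str]:
    """Static checks (assumed for this example) to run before attaching a policy."""
    issues = []
    default = [r for r in rules if r.priority == DEFAULT_RULE_PRIORITY]
    if not default:
        issues.append("no default rule (priority 2147483647)")
    elif default[0].action == "allow":
        issues.append("default rule allows all traffic")
    for r in sorted(rules):
        if r.action == "allow" and r.priority != DEFAULT_RULE_PRIORITY and any(
            c in ("*", "0.0.0.0/0", "::/0") for c in r.src_ip_ranges
        ):
            issues.append(f"rule {r.priority} allows every source")
    # A deny range that a lower-numbered allow already covers can never fire.
    for deny in (r for r in rules if r.action.startswith("deny")):
        for allow in (r for r in rules if r.action == "allow" and r.priority < deny.priority):
            for cidr in deny.src_ip_ranges:
                if any(_covered(cidr, a) for a in allow.src_ip_ranges):
                    issues.append(
                        f"deny rule {deny.priority} range {cidr} is shadowed by allow rule {allow.priority}"
                    )
    return issues


# The page's two policies, with priorities assumed here (1000, 2000) since the page gives none.
SECURE_RULES = [
    Rule(1000, "deny(403)", ["203.0.113.0/24", "198.51.100.0/24"], "Deny traffic from known malicious IPs"),
    Rule(2000, "allow", ["192.0.2.0/24"], "Allow traffic from trusted IPs"),
]
DEFAULT_DENY = Rule(DEFAULT_RULE_PRIORITY, "deny(403)", ["*"], "Default rule: deny everything else")
DEFAULT_ALLOW = Rule(DEFAULT_RULE_PRIORITY, "allow", ["*"], "Default rule: allow everything else")
INSECURE_RULES = [Rule(1000, "allow", ["0.0.0.0/0"], "Allow all traffic"), DEFAULT_DENY]

if __name__ == "__main__":
    unknown_client = "10.20.30.40"   # constructed address that is on neither list
    for name, policy in [
        ("secure, no default rule", SECURE_RULES),
        ("secure + default deny", SECURE_RULES + [DEFAULT_DENY]),
        ("secure + default allow", SECURE_RULES + [DEFAULT_ALLOW]),
        ("insecure", INSECURE_RULES),
    ]:
        print(f"{name}: {unknown_client} -> {evaluate(policy, unknown_client)[0]}; issues={find_issues(policy)}")
```

Running it shows the point the two examples make: the "secure" rules only deny unknown clients once a default deny is present, the "insecure" allow admits every IPv4 client regardless of what follows it, and an allow placed at a lower priority number than a deny for an overlapping range silently disables that deny, which is why `find_issues` reports shadowed ranges as well as missing or permissive default rules.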