简体繁体 English

Google App Engine 和 GCP Load Balancer 请求检查

[英]Google App Engine and GCP Load Balancer request inspection

原文 2022-04-29 17:22:17 2 1 google-app-engine/ google-cloud-platform/ load-balancing

I have an API running in Google App Engine and I want to introspect HTTP POST body to reject poorly formed calls before it hits my API running in app engine.我有一个在 Google App Engine 中运行的 API，我想在它到达我在 App Engine 中运行的 API 之前检查 HTTP POST 主体以拒绝格式不正确的调用。 Is there a way to front an App Engine application whereby I can introspect the URI, the POST body and return a 400 without it actually being processed by my code running in App Engine?有没有一种方法可以在 App Engine 应用程序前面进行检查，从而我可以自省 URI、POST 主体并返回 400，而无需我在 App Engine 中运行的代码实际处理它？ Please let me know, thanks.请让我知道，谢谢。

1 个解决方案

If you want to inspect HTTP, then you will need to write a proxy application to do so.如果要检查 HTTP，则需要编写一个代理应用程序来执行此操作。 Neither the Google Cloud Load Balancer nor App Engine support hooking HTTP requests. Google Cloud Load Balancer 和 App Engine 都不支持挂钩 HTTP 请求。

Proxies have the MITM (Man In The Middle) problem in that HTTP traffic is often encrypted.代理存在 MITM（中间人）问题，因为 HTTP 流量通常是加密的。 You will not be able to inspect that traffic unless your proxy is the endpoint.除非您的代理是端点，否则您将无法检查该流量。 If you implement your proxy with Apache or Nginx then you can use the ModSecurity project.如果您使用 Apache 或 Nginx 实现代理，那么您可以使用ModSecurity项目。

Basically, you want to implement a WAF.基本上，您想要实施 WAF。 Google offers Cloud Armor which supports inspecting traffic via Cloud Armor rules. Google 提供Cloud Armor ，支持通过 Cloud Armor 规则检查流量。

GCP Google Cloud - 无法创建负载均衡器 - GCP Google Cloud - Cannot create Load Balancer

负载均衡器是否在 gcp 的计算引擎内运行？ - Do load balancer run inside a compute engine in gcp?

GCP App Engine - 无法加载默认凭据 - GCP App Engine - Could not load the default credentials

GCP - 全局负载均衡器没有标签 - GCP - No tags for Global Load Balancer

GCP：负载均衡器重写路径 - GCP: load balancer rewrite path

GCP TCP 带代理协议的负载均衡器 - GCP TCP Load Balancer with PROXY Protocol

是否可以从 GCP 负载均衡器重写对后端服务（例如 Cloud Run）的传入请求？ - Is it possible to rewrite an incoming request to the backend service (e.g. Cloud Run) from a GCP load balancer?

将 Google Load Balancer 设置为 GCP 存储桶时，“$[DEFAULT_SERVICE_URL]”指的是什么？ - What does "$[DEFAULT_SERVICE_URL]" refer to when setting Google Load Balancer towards a GCP Storage Bucket?

GCP 中没有负载均衡器的自动缩放 - Auto Scaling Without Load Balancer in GCP

GCP 负载均衡器中的路由规则问题 - Issue with routing rules in GCP Load Balancer

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 GCP Google Cloud - 无法创建负载均衡器 - GCP Google Cloud - Cannot create Load Balancer 负载均衡器是否在 gcp 的计算引擎内运行？ - Do load balancer run inside a compute engine in gcp? GCP App Engine - 无法加载默认凭据 - GCP App Engine - Could not load the default credentials GCP - 全局负载均衡器没有标签 - GCP - No tags for Global Load Balancer GCP：负载均衡器重写路径 - GCP: load balancer rewrite path GCP TCP 带代理协议的负载均衡器 - GCP TCP Load Balancer with PROXY Protocol 是否可以从 GCP 负载均衡器重写对后端服务（例如 Cloud Run）的传入请求？ - Is it possible to rewrite an incoming request to the backend service (e.g. Cloud Run) from a GCP load balancer? 将 Google Load Balancer 设置为 GCP 存储桶时，“$[DEFAULT_SERVICE_URL]”指的是什么？ - What does "$[DEFAULT_SERVICE_URL]" refer to when setting Google Load Balancer towards a GCP Storage Bucket? GCP 中没有负载均衡器的自动缩放 - Auto Scaling Without Load Balancer in GCP GCP 负载均衡器中的路由规则问题 - Issue with routing rules in GCP Load Balancer

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM