
Is there an equivalent of AWS "security groups" between App Engine and Compute Engine instances?

TL;DR: Are there any updates about this question? "Google App Engine communicate with Compute Engine over internal network"

--

Is it possible to enable HTTP traffic between App Engine and Compute Engine instances that are in the same Cloud Project?

Obviously denying all HTTP traffic from other sources.

Between AWS EC2/RDS/Beanstalk this is possible with "security groups".

aqquadro asked May 29 '14 10:05


1 Answer

I think the best you can currently do is managed VMs (https://developers.google.com/cloud/managed-vms, early access right now). It's essentially managed VMs running custom code in the App Engine project. I did not check if the managed VMs will be able to run together with other GCE VMs in the same network - if they did, one could just connect to the internal addresses of the other instances. There does not appear to be a configuration option to define a network, so I'm leaning to guess that they won't be able to see each other on the network like that.

But as an answer to the general question, I don't think there is any way of referencing App Engine runtimes as sources in GCE network ACLs currently.

siimphh answered Oct 06 '22 19:10