Alternative to AWS s Security groups in GCP

0 votes

Is there an alternative to AWS's security groups in the Google Cloud Platform?

Following is the situation which I have:

  1. A Basic Node.js server running in Cloud Run as a docker image.
  2. A Postgres SQL database at GCP.
  3. A Redis instance at GCP.

What I want to do is make a 'security group' sort of so that my Postgres SQL DB and Redis instance can only be accessed from my Node.js server and nowhere else. I don't want them to be publically accessible via an IP.

What we do in AWS is, that only services part of a security group can access each other.

I'm not very sure but I guess in GCP I need to make use of Firewall rules (not sure at all).

If I'm correct could someone please guide me as to how to go about this? And if I'm wrong could someone suggest the correct method?

Mar 19, 2022 in GCP by Rahul
• 3,380 points
2,612 views

1 answer to this question.

0 votes

GCP has firewall rules for its VPC that work similar to AWS Security Groups. More details can be found here . You can post your PostreSQL database, Redis instance and Node.js server inside GCP VPC.4

  • Make Node.js server available to the public via DNS
  • Set

default-allow-internal

so that only the services present in the VPC can access each other.

As an alternative approach you may also keep all three servers public and only allow Node.js IP address to access DB and Redis severs, but the above solution is recommended.

answered Mar 20, 2022 by Korak
• 5,820 points

Related Questions In GCP

0 votes
1 answer

How to remove a rule from the security group in GCP?

Hi@akhtar, You can remove one or more rules ...READ MORE

answered Nov 9, 2020 in GCP by MD
• 95,460 points
789 views
0 votes
2 answers

How to install gcp in Python?

If you're accessing BigQuery in python, you ...READ MORE

answered Aug 20, 2018 in GCP by Priyaj
• 58,060 points
1,693 views
0 votes
1 answer

Connect to an instance as a root user in GCP

If you configured an instance to allow ...READ MORE

answered Sep 24, 2019 in GCP by Sirajul
• 59,230 points
5,412 views
0 votes
1 answer

How to allow outbound traffic on a custom port in gcp?

To allow outbound traffic through a custom ...READ MORE

answered Sep 26, 2019 in GCP by Sirajul
• 59,230 points
4,961 views
0 votes
1 answer

Is it possible to rename a project in GCP?

Yes, it is possible to rename your ...READ MORE

answered Sep 27, 2019 in GCP by Sirajul
• 59,230 points
21,340 views
0 votes
1 answer

What are the service accounts in GCP? How to create one?

The special accounts associated with a project are called the Service Accounts. The ...READ MORE

answered Oct 9, 2019 in GCP by Sirajul
• 59,230 points
902 views
0 votes
1 answer

Adding previlages to a user in GCP

The permission "servicenetworking.services.addPeering" is enclosed within the role "compute.NetworkAdmin". If you would ...READ MORE

answered Oct 10, 2019 in GCP by Sirajul
• 59,230 points
1,017 views
0 votes
1 answer

ARP protocol in GCP for two VMs to communicate directly

ARP and RARP are supported. ARP lookups ...READ MORE

answered Mar 4, 2022 in GCP by Korak
• 5,820 points
675 views
0 votes
1 answer

How to check which user has stopped the dataflow pipeline in GCP?

You can view all Step logs for ...READ MORE

answered Mar 9, 2022 in GCP by Korak
• 5,820 points
674 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP