Tags: google-app-engine, google-cloud-platform, google-cloud-load-balancer, google-cloud-armor

How to use Cloud Armor with GAE Flex?


I wonder if it is possible to use Cloud Armor with GAE Flex? Because in Cloud Armor's documentation, it says that you have to use an HTTPS Load Balancer. Since GAE Flex doesn't have a load balancer, how can we use Cloud Armor with GAE Flex? We have to use a WAF to prevent DDoS attacks. Is it possible to use Cloud Armor with GAE Flex through HTTPS Load Balancer? If so, can you explain how I can achieve this goal?

Thank you.


Solution

  • As per document 1 the only backends supported by HTTP(S) Load Balancer are: MIG, IG, NEGs and storage buckets. Hence, it's not possible to use App Engine Flex with the HTTP(S) Load Balancer.

    An HTTP load balancer can only be used for Managed Instance Groups, Instance Groups, Network Endpoint Groups, and Storage Buckets. So you won’t be able to use an HTTP load balancer with App Engine Flex.

    However, there are many other options for securing an App Engine application. You can use an App Engine Firewall 2 rule to keep out all traffic except a single service 3. App Engine also sits behind the Google front-end, which absorbs many basic attacks like SYN floods, IP fragment floods, or port exhaustion. I’m also sending you a document on our best practices for preventing DDoS attacks 4.
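
The firewall approach mentioned in the answer above, as an added example that is not part of the original answer and is not Google's code: a Python model of how App Engine firewall rules are evaluated (lowest priority number first, the built-in default rule at priority 2147483647 last), plus an audit that flags any rule wider than the single range you meant to admit. The rule sets, addresses and function names are constructed for illustration.

```python
import ipaddress

DEFAULT_PRIORITY = 2147483647  # priority of App Engine's built-in "default" rule

def _matches(source_range, ip):
    """True if ip falls inside source_range ('*' matches every address)."""
    if source_range == "*":
        return True
    net = ipaddress.ip_network(source_range, strict=False)
    addr = ipaddress.ip_address(ip)
    return addr.version == net.version and addr in net

def decide(rules, ip):
    """Action of the first matching rule, lowest priority number first."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if _matches(rule["source_range"], ip):
            return rule["action"]
    raise ValueError("rule set has no default rule")

def audit(rules, intended_range):
    """Findings that would admit traffic from outside intended_range."""
    findings = []
    intended = ipaddress.ip_network(intended_range)
    default = [r for r in rules if r["priority"] == DEFAULT_PRIORITY]
    if not default or default[0]["action"] != "DENY":
        findings.append("default rule is not DENY")
    for r in rules:
        if r["action"] != "ALLOW" or r["priority"] == DEFAULT_PRIORITY:
            continue
        if r["source_range"] == "*":
            findings.append(f"priority {r['priority']}: ALLOW * is too wide")
            continue
        net = ipaddress.ip_network(r["source_range"], strict=False)
        if net.version != intended.version or not net.subnet_of(intended):
            findings.append(f"priority {r['priority']}: ALLOW {r['source_range']} is too wide")
    return findings

# Constructed rule sets (documentation address ranges, not real services).
LOCKED = [
    {"priority": 100, "action": "ALLOW", "source_range": "203.0.113.0/28"},
    {"priority": DEFAULT_PRIORITY, "action": "DENY", "source_range": "*"},
]
LOOSE = [
    {"priority": 100, "action": "ALLOW", "source_range": "203.0.113.0/24"},
    {"priority": DEFAULT_PRIORITY, "action": "ALLOW", "source_range": "*"},
]

if __name__ == "__main__":
    for name, rules in (("LOCKED", LOCKED), ("LOOSE", LOOSE)):
        print(name, decide(rules, "198.51.100.7"), audit(rules, "203.0.113.0/28"))
```
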