Why some rule actions are disabled in google cloud armor?
I'm trying to select "Rate based ban" rule action when creating a new policy but it's disabled and when I click on the option nothing happens. I tried creating new rule (instead of default rule), targeting different backends, enabling Adaptive Protection but non off these helped Also I'm using "Standard Tier" and have "Compute Load Balancer Admin" permission role as well
EDITED:
I tried cmd to create the policy but seems like "Rate based ban" is not available:
gcloud compute --project=[PROJECT_NAME] security-policies rules create 3 --action=rate-based-ban --security-policy=temp-policy --src-ip-ranges=\*
Gives Error:
ERROR: (gcloud.compute.security-policies.rules.create) argument --action: Invalid choice: 'rate-based-ban'.
Valid choices are [allow, deny-403, deny-404, deny-502, redirect-to-recaptcha].
To use Adaptive Protection you must enroll your account in Managed Protection Plus.
Using Google Cloud Armor Managed Protection
Right now some services/options are in beta/preview. Some customers can access these features and some cannot. If you have opted into Standard, then you can not access features enabled in Managed. If you have not opted into either (the time is ending soon) then you can access features not available in Standard. If you need clarification on your account status and which features you can access, contact Google Cloud Billing support (free) in the Google Cloud Console.
Given that Managed is not free, double-check what you have enrolled in. If you have not enrolled in either Standard or Managed, select one before you default to Standard, and the features you enabled stop working.
- Cloud Run: mounting volume timed out: The NFS server may not be reachable or may not exist
- Migration from Container Registry to Artifact Registry for App Engine Standard Deployments
- Google Cloud: Access to image has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
- Im creating a VM using terraform code in GCP. I would like to inject a script that runs when the vm is created upon startup
- QUOTA_EXCEEDED : Exceeded daily quota for email sign-in in spite of using my SMTP settings
- How do I add share drive access to a google service account
- google.cloud namespace import error in __init__.py
- difference between docker BRIDGE and HOST driver?
- How can I connect an externally hosted MySQL database to BigQuery?
- Issue when trying to register an app for consent screen in google oauth
- Google Cloud Platform Trace from Cloud Function Invocation to Cloud Run HttpRequest
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- Firebase Firestore timestamp not allowed inside array
- Why am I not able to get the env var values from google secret manager?
- changing image repository from Container Registry to Artifact Registry
- ALS (Alternating Least Square) algorithm in multiple rankings for a user
- Unable to connect to Gemini / Vertex AI
- How can I get Firebase Authentication ID tokens to work with Google Cloud Identity Platform so they get validated?
- How to identify the storage space left in a persistent volume claim?
- Cloud Run container stops processing when running parallel FastAPI background tasks
- GCP Cloud Storage - Golang aws sdk2 - Upload file with s3 INTEROPERABILITY Creds
- Creating folders using GCP PHP Client Libraries
- GKE Fluent bit partial logs
- Data loading and transformation from gcs to bigquery
- How to forcefully stop an operation on GKE cluster and thereby delete GKE cluster?
- Apache Beam with Dataflow: flag 'ignore_unknown_columns' for WriteToBigQuery not working
- Google Speech to Text - Not Getting the transcription | SOLVED
- Deploying firebase cloud fails because of some build errors
- Why does Cloud Deploy not support multiple target types in one pipeline?
- CloudBuild pull status from latest run, from a specific build trigger using via CloudBuild API?