google-cloud-platform throttling rate-limiting google-cloud-armor

How to enforce rate limiting for an IP that received 403 errors repeatedly in a Security Policy in Google Cloud?

I want to enforce rate limiting (throttling) if an IP has repeatedly faced 403 errors, on the edge, using Google Cloud Armor.

I have been able to enforce rate-based limiting/throttling for any IP that crosses the benchmark using the enforceKey on IP as the key.

However, I want to also throttle, at a higher priority, any IP that faces 403 errors.

Is this doable in Google Cloud Armor?

Solution

This is not doable today as the 403 code is an origin response and Cloud Armor does not process outbound rules, just inbound.

Getting 403 from GCP metadata server
Steps to get Firebase Authentication working locally?
Error: 10: Developer console is not set up correctly (Not Using Firebase) (One Tap sign-up)
what is the recommended Cloud Firestore location for Egypt and the middle east countries?
Workflow to run cloud run job, while not waiting for completion and proceeds to next step
Permissions For Google Cloud SQL Import Using Service Accounts
Best Practices for Migrating Docker Images from Google Container Registry (GCR) to Artifact Registry with High Volume of Tags
GCP Cloud Run: “missing required GoogleAccessID” when generating V4 Signed URL for Cloud Storage
Flink-BigTable - Any connector?
Increase gcloud run deploy timeout (NOT request timeout)
Efficiently storing and getting likes in FireStore / Document DB
Error 400 invalid JSON Payload Unknown name generationConfig on an AI API Curl command
Google Cloud Run - Domain Mapping stuck at Certificate Provisioning
What is the difference between Google Cloud Vision API and Mobile Vision?
Setting GOOGLE_APPLICATION_CREDENTIALS for BigQuery Python CLI
BigQuery Transfer Service does not copy rows from S3
Vertex AI feature store vs BigQuery
Random Sampling in Google BigQuery
How to Properly Inject Service Account Credentials in Google Cloud Build for Cloud Run Deployment?
Read JSON file directly from google storage (using Cloud Functions)
How to Automatically Renew Let's Encrypt SSL Certificate on All-Inkl DNS and Google Cloud VM (Ubuntu)?
How to copy a table in Big Query, with primary keys
How to see "Network Security Address Group" details
how do I set up cloud run in a shared vpc with direct vpc egress?
what is the privilege of the Postgres user created by gcp
Deploy llama on VertexAI
How to display messages as list in gmail api?
set log severity on google cloud without using google-cloud-logging library
Is there a way to check which SA key has been used by a service account for a request?
Uploading images to Firebase storage returns "Access denied" after some time