Google GKE Load Balancer firewall need to block ping

4/16/2019

I need to lock down access to a service running in Google Cloud Kubernetes. What I can do is use "loadBalancerSourceRanges" in the service deployment with a TCP load balancer to restrict the networks that can access the service, say on port 443.

What I don't seem to be able to do is lock down ICMP traffic from the internet hitting the load balancer. This is a security compliance requirement I have.

Google documentation and the bug tracker seem to indicate that this is not possible. Am I correct, and what is the best alternative?

-- Edgarz
google-cloud-platform
google-kubernetes-engine
kubernetes

1 Answer

4/18/2019

If you go to VPC Network -> Firewall Rules -> Create firewall rule and select the targets as "All instances in the network" and block all ICMP requests you may be able to accomplish this (not tested).

-- math3vz
Source: StackOverflow
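
To check what a deny rule like the one suggested in the answer would change, the following added example (not part of the original question or answer) evaluates ICMP ingress against a rule list in the shape of `gcloud compute firewall-rules list --format=json`. The rule names and addresses are constructed, rules are assumed to target all instances in the network, and the check covers VPC firewall rules only; it does not show whether the load balancer address itself answers ping, which the thread leaves unresolved.

```python
import ipaddress

# Constructed sample rules; field names follow the Compute Engine firewall resource.
SAMPLE_RULES = [
    {"name": "default-allow-icmp", "direction": "INGRESS", "priority": 65534,
     "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "icmp"}]},
    {"name": "allow-https-office", "direction": "INGRESS", "priority": 1000,
     "sourceRanges": ["203.0.113.0/24"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]},
]
# Hypothetical deny rule matching the answer's suggestion.
DENY_ICMP = {"name": "deny-icmp-all", "direction": "INGRESS", "priority": 900,
             "sourceRanges": ["0.0.0.0/0"], "denied": [{"IPProtocol": "icmp"}]}


def _matches(rule, src_ip, protocol):
    """Return 'allow', 'deny' or None for one rule against an ingress packet."""
    if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
        return None
    addr = ipaddress.ip_address(src_ip)
    ranges = rule.get("sourceRanges", [])  # tag-only rules never match here
    if not any(addr in ipaddress.ip_network(r) for r in ranges):
        return None
    for action, key in (("allow", "allowed"), ("deny", "denied")):
        if any(e["IPProtocol"] in (protocol, "all") for e in rule.get(key, [])):
            return action
    return None


def icmp_verdict(rules, src_ip):
    """Return (rule name, action) of the rule deciding ICMP ingress from src_ip.

    The lowest priority number wins; on a tie, deny beats allow. With no
    matching rule the implied ingress deny applies.
    """
    hits = []
    for rule in rules:
        action = _matches(rule, src_ip, "icmp")
        if action:
            prio = rule.get("priority", 1000)
            hits.append((prio, action != "deny", rule["name"], action))
    if not hits:
        return ("implied-deny-ingress", "deny")
    _, _, name, action = min(hits)
    return (name, action)
```

Running `icmp_verdict` before and after adding the deny rule shows which rule decides the outcome, which is useful evidence for a compliance review.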