I have installed the nginx ingress controller on GKE from https://github.com/kubernetes/ingress-nginx via helm chart
it does create the controller and also an firewall rule. The rule is open for all public ips. Is there a way to restrict this via the helm chart ?
if not any way go get the auto generated firewall rule via terraform and adjust ? the name of the firewall rule looks like this: k8s-fw-a8301409696934895b9facd9232892dc
Thanks
nginx ingress creates a loadBalancer service to expose it on GKE. You can define the spec.loadBalancerSourceRanges
field in the service definition with the IPs you would like to allow access, all other IPs will be filtered. The default value for this field is 0.0.0.0 and the GCE firewall rules are created based on this field.
Note that you can also leverage the Nginx ingress controller to limit which IPs can connect, however, this still allows alls traffic to reach the node.