I want to protect the access to a webserver listening on port 80 running on a google compute engine vm-instance. the access to the webserver should only be allowed to special google-accounts. With App engine this was possible to implement with IAM. I cannot found anything about this for compute engine. Is there a way to limit the access to the webserver only for a few google-accounts?
0
votes
1 Answers
0
votes
The easiest way I can see is by adding Firewall rules excluding all traffic on port 80 except for some IP addresses. Here is the firewall documentation which will explain how to create firewall rules including the filters and priorities. I also found this post on StackExchange that worth to be mentioned.
Another solution is using Identity-Aware Proxy. The implementation is a bit more complex than simple firewall rules but this access control model will allow specific users to reach your resources.
