Thank you for your reply Olu. My goal is to build an app that required some services to be exposed to any public IP and others multiple back-end services closed to any external access. All thoses services are accessed through an home-made api gateway.
I started looking at identity aware proxy but should I ? Which strategies would you recommend instead ? Le vendredi 29 mai 2020 15:54:36 UTC+2, Olu a écrit : > > As you may already know, GCP Projects represent a trust boundary within an > organization. Hence, inter-project communication between App Engine > services would require Public IP communication or using Shared VPC[1]. > There should be no internal communication between App Engine Services over > different projects. Hence, whitelisting App Engine internal IP addresses > might not be useful in this situation. > > About using Public App Engine IP addresses, as illustrated in this > document [1] App Engine hosts services on a dynamic public IP address of a > Google load balancer. Due to that, the IP address can be changed any time > and any Static IP can not be provided. For outbound services, a large pool > of IP addresses are used which you can obtain as outlined in this > document[2]. > > [1]https://cloud.google.com/vpc/docs/shared-vpc > [2]https://cloud.google.com/appengine/kb/#private-ip > [3]https://cloud.google.com/appengine/kb/#static-ip > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/c444d6aa-cb93-4da5-8cf9-7f05541ed1c5%40googlegroups.com.
