To make it easier for developers and administrators to restrict access to specific traffic sources with App Engine, Google has launched a new firewall feature. As a management platform, the Google Application Engine (GAE) has been widely used in its own cloud suites and services, and has its own advantages over rivals such as Amazon AWS and Microsoft Azure, and developers can leverage their Web framework to Apps on Google Cloud Platform.
Developers may have the need to open new applications to only a few specific groups or users for testing or other reasons, or to prevent access by special users in the region.
Although there are already access restrictions based on IP address, but if the code in the realization of access control, it is indeed a trouble.
Because even so, these requests are still allowed to access, consume a certain amount of resources, companies have to pay for their own do not expect the corresponding costs.
The good news is that GAE's new improved firewall features are now open for beta (see the example of a firewall rule above)
Developers can easily set a set of rules to specify a blocked or allowed IP address by using App Engine's Administrator API, Google Cloud Console, or the gcloud command-line tool.
Under the default rules, the firewall allows all application traffic to be accessed, but the administrator can make adjustments at any time according to actual needs. Such as network intranet and partner organizations alone, or IP access for country-specific markets.
Other use cases for GAE firewalls include masking malicious IP addresses and protecting an app from distributed denial of service (DDoS) attacks.