LAB: Traffic blacklisting using Cloud Armor

LAB: Traffic blacklisting using Cloud Armor

Posted on Jun 12, 2023 (0)

LAB: Traffic blacklisting using Cloud Armor

Task :

  • Configure HTTP Load Balancer
  • Configure test Instance
  • Create Cloud Armor Security Policy and Test the Traffic


Task 1: Create an Instance Template

Under Compute Engine | Instance Template : Create Instance Template

Under Create Instance Template  | Name: dclessons-instance-template 1 | | Machine Configuration: Series : N1 , Machine Type: n1-standard-1

Under Firewall Rule : Click Allow HTTP Traffic

Under Advance Option | Under Management: Automation: Put below command | Click Create

#! /bin/bash

apt-get update -y

apt-get install apache2 -y

apt-get install php7.0 -y

mv /var/www/html/index.html /var/www/html/index.php

cat <<EOF > /var/www/html/index.php

<html><body><h2>Welcome to Dclessons</h2>



Task 2: Create Instance Group

Click on Compute Engine | In Left Side bar: Click on Instance Group

Under Instance Group | Name: dclessons-instance-group-1 | Select Instance template: dclessons-instance-template-1| Location: Single Zone| Region: us-central1(lowa), Zone: us-central1-a

Under Auto-Scaling: Mode: Select On: add and remove instance to and from the group | Minimum number of instance: 1| Max: 3

Expand Auto scaling Metrics section| Edit Signal: Under Signal Type: CPU utilization | Target CPU Utilization: put 80 | Leave other setting as it is | Done and click on Create

Task 3: Create Instance for Cloud Armor

Under Compute Engine | VM Instance: Create Instance

Under Create Instance | Name: dclessons-armor-instance-1 | Region: us-central1(lowa) , Zone: us-central1-a | Machine Configuration: Series : N1 , Machine Type: n1-standard-1

Under Identity & API Access | Service Account: No Service Account | Rest keep as it is default and click Create

SSH to dclessons-armor-instance-1 and run below command

gcloud auth login --no-launch-browser -q

You will receive below as the output. Copy the URL mentioned in the output.

Click on Allow and Copy the Code


Put the code under: Enter authorization code:

Task 4: Configure Load Balancer

In Left side of main Window | Scroll Down and Select Network Services | Select Load Balancing: Create Load Balancer


    You are will be the first.


Please login here to comment.