Google launches App Engine firewall so developers can easily restrict specific IP addresses

GamesBeat Next unites gaming industry leaders for exceptional content, networking, and deal-making opportunities. Join us on Oct 23-24 in San Francisco. Register Now

Google has announced a new firewall feature that allows developers and administrators using App Engine to easily restrict access from specific traffic sources.

Google App Engine (GAE), a managed platform within the broader Google Cloud suite of services that compete with the likes of Amazon Web Services (AWS) and Microsoft Azure, is a web framework and platform for developing and scaling apps hosted on Google’s cloud.

Whether during testing or for other reasons entirely, developers may wish to open up new apps to just a few specific groups of users or perhaps prevent certain regions from accessing them. It is already possible to restrict access based on IP address, but this requires implementing access controls within the code, and even then the requests are still allowed in the door, which not only consumes resources but can also cost companies money for traffic they don’t need or want. With the new Google App Engine firewall, launching today in beta, developers provide a set of rules through the App Engine Admin API, Google Cloud Console, or gcloud command-line tool and specify the IP addresses to block or allow. And that’s about it.

There is a default rule that allows all traffic to visit an app, but admins can update that rule to specify a range of permitted IP addresses from within the company’s own network or partner organizations, for example, or from a specific country.

Event

AI Unleashed

An exclusive invite-only evening of insights and networking, designed for senior enterprise executives overseeing data stacks and strategies.

Learn More

Other use cases for the App Engine firewall include being able to block malicious IP addresses and protecting an app from distributed denial of service (DDoS) attacks.

Above: Firewall rules

Developers can hit the Test IP tab in the Cloud Console to ensure that their rules are working as intended. Anyone visiting from a blocked IP address will see an HTTP 403 Forbidden response, and their attempt to visit the website or app won’t add to the load or count in terms of traffic.

It’s worth remembering that this new tool isn’t a finished product, so some care is advised. “App Engine firewall is in beta, so avoid using this functionality in production environments,” noted Google product manager Lorne Kligerman, in a blog post.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.