Assigned
Status Update
No update yet.
Comments
lo...@google.com
se...@google.com
Thanks for the report. I will route this to the appropriate internal team and update this when I hear back from them.
al...@sada.com
One more detail, Data Layer event calls from the watch to the phone (running Android 13) do work on if the listener is in an Activity or Fragment.
Description
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish: Manage minimum TLS versions and cipher suites for Google Front End on a Project level (preferably configured on the specific Service API (serverless NEG's, buckets, etc.)).
How this might work: With the alternative of having the SSL policy "gcp default" be applied per default if no other SSL policies are enforced. Could be configured from the edit/settings page of the leveraged Cloud service. E.g in the settings app for GAE you could apply an SSL policy, for GCF perhaps you can enforce policy in the edit page -> connections, for GCS you could apply it on a bucket level, etc.
If applicable, reasons why alternative solutions are not sufficient: Alternative solutions might not always be necessary, e.g if an image is hosted on a bucket for download from the internet, a load balancer might not always be necessary to have while still wanting to reduce the risk of an attack. Azure has this feature for some of their services, where the possibility to enforce the minimum TLS version on the specific service is available.
Other information (workarounds you have tried, documentation consulted, etc): Google managed default SSL policy, the only possibilities available is either setting up a load balancer or request Google Cloud team to change the SSL policy for the specified Cloud Service (e.g GAE).