Assigned
Status Update
No update yet.
Comments
gr...@google.com
sc...@google.com
[Deleted User] <[Deleted User]>
Hello,
Thank you for reaching out to us!
I tried to reproduce this issue at my end. However, I am getting the intended behavior.
Please check the
Please let me know if that helped you with your use case and if there is anything else you would need assistance with.
Thank you
am...@broadinstitute.org
Hi, please read the documentation you linked:
> Scheme
> JavaScript origins must use the HTTPS scheme, not plain HTTP. Localhost URIs (including localhost IP address URIs) are exempt from this rule.
Subdomains of localhost (ie. foo.localhost) *are* "Localhost URIs" but are not currently exempt from the rule, contrary to the documentation.
> Scheme
> JavaScript origins must use the HTTPS scheme, not plain HTTP. Localhost URIs (including localhost IP address URIs) are exempt from this rule.
Subdomains of localhost (ie. foo.localhost) *are* "Localhost URIs" but are not currently exempt from the rule, contrary to the documentation.
ap...@deloittece.com.c-04dybahf.appstempdomain.goog
Hello,
Thank you for reaching out to us with your request.
We have duly noted your feedback and will thoroughly validate it. While we cannot provide an estimated time of implementation or guarantee the fulfillment of the issue, please be assured that your input is highly valued. Your feedback enables us to enhance our products and services.
We appreciate your continued trust and support in improving our Google Cloud Platform products. In case you want to report a new issue, Please do not hesitate to create a new issue on the
Once again, we sincerely appreciate your valuable feedback; Thank you for your understanding and collaboration.
az...@deloittece.com.c-04dybahf.appstempdomain.goog
+1
sk...@zencore.dev
+1
va...@google.com
gh...@google.com
ma...@1komma5grad.com
+1
da...@mobilitydata.org
+1.
My use case:
I was looking to add JWT authorization to a cloud-run service without having to handle the token verification in the cloud-run itself. With the help of the API Gateway, I can have multiple serverless services behind it to secure them and have a single point of access. However, without the ability to make the serverless services "private", this solution is not applicable as a potential attacker can call the cloud-run services directly. This means that API Gateway doesn't add much value to my use case.
My use case:
I was looking to add JWT authorization to a cloud-run service without having to handle the token verification in the cloud-run itself. With the help of the API Gateway, I can have multiple serverless services behind it to secure them and have a single point of access. However, without the ability to make the serverless services "private", this solution is not applicable as a potential attacker can call the cloud-run services directly. This means that API Gateway doesn't add much value to my use case.
[Deleted User] <[Deleted User]>
There is no point in having an api gateway that cannot access internal services, it forces me to expose everything to the internet.
gi...@gmail.com
+1
API Gaateway without access to internal services adds no value. This needs to be addressed immediately
API Gaateway without access to internal services adds no value. This needs to be addressed immediately
lu...@athena.studio
+1
iv...@atacadao.com.br
+1
gu...@atacadao.com.br
For greater security of our applications, it is highly necessary for the API Gateway to function for internal services.
ed...@joy.co
Greetings!
Any update in regards to this feature?
I think it is a serious security implication that API Gateway cannot have direct access to internal services.
Any update in regards to this feature?
I think it is a serious security implication that API Gateway cannot have direct access to internal services.
pa...@shoper.pl
+1
ok...@shoper.pl
+1
ma...@dm.de
+1
dp...@gmail.com
+1
ch...@mckinsey.com
is there a fix for this anytime soon?
gd...@computas.com
+1
ma...@thesting.com
+1
This would be a great addition, when setting up a microservice architecture i never expose the service itself but only a gateway
This would be a great addition, when setting up a microservice architecture i never expose the service itself but only a gateway
g....@gmail.com
+1
de...@circle.dental
+1
gi...@haulerhero.com
+1
sa...@sliceglobal.com
+1
ma...@nure.ua
+1. How is that even possible that API GATEWAY don't have this?
hi...@srgplus.com
+1
al...@wunderventures.com
+1
gg...@farsightgen.com
+1
how soon might we expect a fix to this? Our conversion to GCP is gated by this functionality.
how soon might we expect a fix to this? Our conversion to GCP is gated by this functionality.
jv...@sura.cl
+1
ca...@gmail.com
+1
je...@sura.cl
+1
cm...@sura.cl
+1
da...@umany.global
Agree, API Gateway has no value if the backend service cannot be restricted to internal access only
ch...@sensotix.com
+1
ee...@yource.cc
=1
cm...@legria.com
Comment has been deleted.
gu...@gmail.com
+1
an...@consileon.de
+1
ve...@happtiq.com
The definition of a P2: "An issue that needs to be addressed on a reasonable timescale." (https://developers.google.com/issue-tracker/concepts/issues#priority )
Not addressing this when the ticket was created two years ago and has over a hundred upvotes is embarrassing.
Not addressing this when the ticket was created two years ago and has over a hundred upvotes is embarrassing.
be...@blakbear.com
+ 1
ka...@gmail.com
+1
pe...@gmail.com
ge...@gmail.com
+1 need this ASAP
ga...@gmail.com
+1
[Deleted User] <[Deleted User]>
+1
ma...@qaecy.com
+1
[Deleted User] <[Deleted User]> Restricted+
Restricted+
Comment has been deleted.
mo...@dexcom.com
+1
ch...@gmail.com
+1 really need it
ag...@gmail.com
Please add this functionality, it is very necessary to improve cloud security.
vi...@google.com
Hello,
One more Cx is facing this issue related to this case- 51098348 and Cx asking for an ETA for this feature request. I would request to please take a look to implement this feature request as many users are facing this issue.
ed...@elysiumlab.io
This seems like a basic use case if you are interested in using services on Google Cloud Run and care about Security.
Is there still an internal team working on API Gateway at Google that might have this feature on their roadmap?
Please advise, otherwise there is no sense in monitoring and waiting for this 2 year old request that many customers would like.
Is there still an internal team working on API Gateway at Google that might have this feature on their roadmap?
Please advise, otherwise there is no sense in monitoring and waiting for this 2 year old request that many customers would like.
gi...@gmail.com
+1
mi...@sada.com
+1
da...@gmail.com
+1
pa...@unilever.com
I think they want to force us to use Apigee. There is no internal team working on this product. You can see release notes.
ve...@happtiq.com
Then they would have to find an "Apigee Light" pricing for SMBs, the current options are not affordable if you only need a small subset of the Apigee features.
mo...@unilever.com
we need to know due date or if we need to check alternative solutions not just set ticket open for more than 2 years
eg...@gmail.com
is there any existing workaround?
fe...@100esignature.com
waiting for...
zd...@peoplespheres.com
Just starting POC implementing api gateway with cloud run and facing this issue.
I'am asking a lot of questions about GCP product and if it is the best choice for our cloud move
I'am asking a lot of questions about GCP product and if it is the best choice for our cloud move
th...@gmail.com
+1
li...@verily.health
+1
at...@mdlz.com
+1
da...@buildone.co
+1
dc...@gmail.com
+1
ad...@gmail.com
+1
aa...@gmail.com
+1
aa...@gmail.com
+1
om...@gmail.com
+ 1
Description
What you would like to accomplish:
That a Cloud Run service with ingress traffic set to Internal could accept requests from API Gateway in order to have a more secure app instead of using the all ingress which is the only option available for this setup.
How this might work:
When using API Gateway with Cloud Run, it should be possible to allow only internal traffic from Cloud Run in order to only allow traffic from within Cloud Run’s VPC Network.
Other information (workarounds you have tried, documentation consulted, etc):
For the time being the only workaround is to allow All traffic for the ingress setting.