search
HomePlatformPricing
githubEdit

Cloud Armour

Implement GCP Cloud Armour in DuploCloud

GCP Cloud Armour helps protect your applications and websites against denial of service, web breaches, and cyber-attacks.

Use DuploCloud to activate your GCP Cloud Armour software and monitor your cloud infrastructures and deployed services and applications.

hashtag
Adding a Security Policy in the DuploCloud Plan

Before you can use DuploCloud with Cloud Armour, define a Security Policy in the DuploCloud Plan that supports your DuploCloud Infrastructure.

  1. In the DuploCloud Portal, navigate to Administrator -> Plan. The Plans page displays.

  2. From the Name column, select the Plan that corresponds to your Infrastructure. When you create a DuploCloud Infrastructure, a Plan is created with the same name.

  3. Click the Security Policy tab.

  4. Click Add. The Add Security Policy pane displays.

  5. In the Name field, enter an appropriate name for the Security Policy. This is the name used in the DuploCloud portal. It is convenient to keep it the same as the Security Policy ID, but not required.

  6. In the Security Policy ID field, enter the name of your GCP Cloud Armour Security Policy. This is the name used in the GCP console.

  7. Click Create. The Security Policy that you specified is displayed in the Security Policy tab.

    Security Policy tab on the DuploCloud Nonprod Plan page

hashtag
Adding the Cloud Armour Security Policy to a Load Balancer

Now that the Cloud Armour Security Policy has been defined in your DuploCloud Plan, add the policy to a Load Balancer so that it can monitor network traffic.

  1. In the DuploCloud Portal, navigate to Kubernetes -> Services or Docker -> Services.

  2. Select the Service to which your Load Balancer is attached.

  3. Click the Load Balancer tab.

  4. In the Other Settings card, click Edit. The Other Load Balancer Settings pane displays.

    Other Load Balancer Settings pane with Security Policy selected

  5. From the Security Policy list box, select the Security Policy you added in the previous step.

  6. Select the Enable HTTP to HTTPS Redirect option.

  7. Select Enable Access Logs to view rule evaluations.

  8. In the Idle Timeout field, enter the number of minutes for timeout, in seconds.

  9. Click Save.

The Security Policy displays in the Load Balancer's Other Settings card.

Other Settings card with Security Policy displayed

hashtag
Modifying a Cloud Armour Configuration Security Policy

To change your Cloud Armour configuration to use a different security policy, edit the Security Policy in the DuploCloud Plan.

  1. In the DuploCloud Portal, navigate to Administrator -> Plans. The Plans page displays.

  2. From the Name column, select the Plan that corresponds to your Infrastructure.

  3. Click the Security Policy tab.

    Plan Security Policy tab

  4. In the row listing your security policy, click the Edit Icon ( ) to change the Security Policy ID. The Update Security Policy pane displays.

    Update Security Policy pane

  5. Modify the Security Policy Name and the Security Policy ID as appropriate.

  6. Click Update. The changes are saved and displayed in the Security Policy tab.

hashtag
Viewing Security Policy logs

Logs will only be visible if you Enable Access Logs in the Load Balancer's Other Settings card.

To view Cloud Armor Security Policy logs:

  1. Locate the Security Policy in the GCP Console.

  2. Click the Logs tab.

  3. Click the View policy logs link on the Logs tab to view logs of the policy's rule evaluations.

PreviousLoad BalancersNextCloud Credentials

Last updated

Was this helpful?