CLOUD-DIGITAL-LEADER · Question #154
What load balancer type is supported with Cloud Armor security policies?
The correct answer is D. HTTP(S) Only. Google Cloud Armor security policies are attached to backend services and are supported by external HTTP(S) Load Balancers (now called Global External Application Load Balancers). Cloud Armor provides WAF (Web Application Firewall) rules, DDoS protection, and IP allow/deny lists
Question
What load balancer type is supported with Cloud Armor security policies?
Options
- ASSL Proxy, HTTP(S) and SSL
- BHTTP(S) and SSL
- CRegional SSL
- DHTTP(S) Only
How the community answered
(29 responses)- B3% (1)
- C7% (2)
- D90% (26)
Explanation
Google Cloud Armor security policies are attached to backend services and are supported by external HTTP(S) Load Balancers (now called Global External Application Load Balancers). Cloud Armor provides WAF (Web Application Firewall) rules, DDoS protection, and IP allow/deny lists at the HTTP(S) layer. SSL Proxy load balancers operate at Layer 4 (TCP) and do not support Cloud Armor policy attachment. This makes sense architecturally because Cloud Armor inspects HTTP request attributes (URLs, headers, query parameters) which are only visible at the Layer 7 HTTP(S) load balancing layer.
Topics
Community Discussion
No community discussion yet for this question.