Reputation: 2619
How I check that an api call to an appengine instance came from a Google Compute Engine instance?
We are using a Google Compute Engine instance to generate convert datastore tables into large downloadable csv files. We want this instance to log errors to an app engine front end instance by calling:
/api/log
But we want to be sure that this call came from the Google Compute Engine instance which has the authority to write to the log. How can we check that an api call came from a Google Compute Engine instance?
Upvotes: 2
Views: 166
Answers (1)
Reputation: 41099
It all depends on how secure you want it to be. The simplest solution is to include a parameter in your POST request that only your backend and front-end instances would recognize - any random sequence of characters will do the trick. The next level is to use a secret key to encrypt the contents of the request - there are many implementations depending on the language that you use.
This approach is more flexible too, if you decide, for example, to move your backend from App Engine to Compute Engine.
Upvotes: 1
Related Questions
- Restrict access to AppEngine so that only another AppEngine service from another Google Cloud Project can access it
- How do I get an instance Id of app engine front server?
- Make a request to specific app engine instance
- Is it possible to get a list of App Engine instances via gcloud?
- Check Google App Engine server parameters
- Finding out which client is making the API call : Google app engine
- How does Google App Engine (GAE) Java server check if it a backend?
- Google App Engine Backend URL on dev server. How to find out in code?
- AppEngine Get HOST of incoming request
- How can an application know that it is running on Google AppEngine?