Reputation: 4742
Google Cloud Function to be not accessible publicly
Google Cloud Functions can be accessed publicly using their URL which has format like
https://<region>-<projectId>.cloudfunctions.net/<functionName>
Although, authentication can be set up so that only authorized entities can pass the authentication, which is described in https://cloud.google.com/functions/docs/securing/authenticating and https://cloud.google.com/functions/docs/securing/managing-access
Those who are not authorized would be given 403 error if no Authorization bearer token header is sent, or 401 error if Authorization bearer token is invalid.
But still, anyone who has the URL can make a call to the Cloud Function. They would get an error, but still would be able to access it.
Is it possible to restrict this public accessibility of Cloud Functions? Such that something they can only be accessed privately.
Upvotes: 0
Views: 659
Answers (1)
Reputation: 76018
No, it's not possible today, but it could change in the future.
Today, you have to rely on Google security. If your function requires authentication, it will be invoked only if the authentication is successful. By the way, you won't be charged in case of wrong call or ddos attack.
Upvotes: 2
Related Questions
- Google Cloud Functions Public URL
- How dangerous is it for me to leave a Cloud Function exposed to the public?
- Google Cloud Function restrict developer/editor access to function
- Cloud Functions calling another Cloud Functions faces "Access is forbidden"
- How to make gcp cloud function public using Terraform
- Restrict access to Google Cloud Function
- How can I disable http access to a GCP Cloud function
- Cloud Function Permissions (403 when invoking from another cloud function)
- Google Cloud Function not created with Private access
- Securing HTTP cloud function