Alex Fragotsis
Reputation: 1268
Allow POST to google cloud functions but not GET?
So I'm writing an internal API with Google's cloud functions and we're going to allow only authenticated internal service accounts to access that function. We have some security issues and I was wondering if it's possible to allow for example everyone to make POST calls but limit the service accounts that can make a GET call. Is this possible?
Upvotes: 1
Views: 287
Answers (1)
guillaume blaquiere
Reputation: 75715
You can use API Gateway to set different level of security on different endpoints and different verbs.
If you want to authorize only some identities on a special verbs, you need to filter that in your code, no product allow you that out of the box (maybe Apigee but it's quite expensive).
Upvotes: 1
Related Questions
- 403 Response from Google Cloud Functions
- Google Cloud Function Authorization Failing
- Google Cloud Function 403 for internal authenticated requests
- Cloud Functions calling another Cloud Functions faces "Access is forbidden"
- How can I disable http access to a GCP Cloud function
- Google cloud function permission problems
- Cloud Function Permissions (403 when invoking from another cloud function)
- Endpoint for Cloud Function returns 403 Forbidden
- Securing HTTP cloud function
- Are only POST requests available with Google Cloud Functions HTTP Triggers