Access control and API management
A major component of network architecture is controlling which communications are allowed and which are not. Firewall rules are a fundamental component of GCP networking, and provide a base layer to access control. However, there are many cases where firewall rules are insufficient, such as authorization and authentication-based access. Additionally, some infrastructure components such as target proxies reduce the ability of firewall rules to restrict access by client IP. Fortunately, Google offers a number of additional services for monitoring and controlling network access, including Cloud Endpoints, Identity Aware Proxy, and Cloud Armor. Each of these services provides some form of access control, with varying feature sets and granularity.
Google Cloud Endpoints
Google Cloud Endpoints is an extensive API management platform that provides many of the common features required when serving production APIs. Cloud Endpoints builds upon the Google Service Management...