This section describes how to configure a firewall rule that permits ingress traffic.

To configure a firewall rule to allow ingress traffic for the Controller:

Procedure

  1. From the GCP console, navigate to VPC Network > Firewall. Click CREATE FIREWALL POLICY.
  2. Enter the policy name. Select the deployment scope as Global or Regional. Click CONTINUE.
  3. You can add firewall rules to control incoming or outgoing traffic to an instance. Click ADD RULE. In the Create a firewall rule screen, enter the priority, which is the order in which the rule is applied within the policy. Rules with lower numbers are evaluated first. Select Ingress as the Direction of traffic and Allow as the Action on match.
  4. Select the type of target from the Target Type drop-down list to apply the firewall rule only to the selected instances within the virtual network. Based on the type of target selected, you can specify the source filter ranges, tags, or service account scope details.
  5. Select the Specified protocol and ports option under Protocols and ports, and enter the TCP and UDP ports to which the firewall rule applies.
  6. Click Create.

Results

The firewall rule to allow ingress traffic for the Controller is now configured.
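
Before opening ingress to the Controller, it helps to check how the rule interacts with the rest of the policy. The following is an added example, not part of the original procedure or any GCP tooling: it models the fields set in steps 3 to 5 (priority, direction, action, source ranges, protocols and ports), evaluates rules lowest number first, and flags ingress allow rules that are open to any source or to all ports. The field names, addresses and port numbers are constructed for illustration.

```python
import ipaddress

# Constructed sample policy. Field names mirror the console form and are
# assumptions for this example; ports are placeholders, not the Controller's list.
POLICY = [
    {"priority": 1000, "direction": "INGRESS", "action": "allow",
     "src_ranges": ["10.10.0.0/16"], "ports": {"tcp": [443]}},
    {"priority": 2000, "direction": "INGRESS", "action": "allow",
     "src_ranges": ["0.0.0.0/0"], "ports": {"tcp": [8443]}},
    {"priority": 65000, "direction": "INGRESS", "action": "deny",
     "src_ranges": ["0.0.0.0/0"], "ports": {}},  # empty dict = all protocols/ports
]

def matches(rule, src_ip, proto, port):
    """True if an ingress packet falls inside the rule's source and port filters."""
    if rule["direction"] != "INGRESS":
        return False
    ip = ipaddress.ip_address(src_ip)
    if not any(ip in ipaddress.ip_network(r) for r in rule["src_ranges"]):
        return False
    ports = rule["ports"]
    return not ports or port in ports.get(proto, [])

def evaluate(policy, src_ip, proto, port):
    """Action of the lowest-numbered matching rule, or None if nothing matches."""
    for rule in sorted(policy, key=lambda r: r["priority"]):
        if matches(rule, src_ip, proto, port):
            return rule["action"]
    return None

def audit(policy):
    """Flag ingress allow rules open to any source address or to all ports."""
    findings = []
    for rule in policy:
        if rule["direction"] != "INGRESS" or rule["action"] != "allow":
            continue
        if any(ipaddress.ip_network(r).prefixlen == 0 for r in rule["src_ranges"]):
            findings.append((rule["priority"], "source range is any address"))
        if not rule["ports"]:
            findings.append((rule["priority"], "all protocols and ports allowed"))
    return findings

if __name__ == "__main__":
    print(evaluate(POLICY, "203.0.113.9", "tcp", 443))
    for priority, issue in audit(POLICY):
        print(f"rule {priority}: {issue}")
```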