I want to execute espresso UI test on firebase test cloud devices and my staging environment is a VPN network. So, Is it possible to configure VPN on firebase test cloud or can we configure cisco any connect VPN on firebase test cloud devices?
Thanks!
You could try whitelisting the Test Labs IP addresses for VPN-less access:
https://firebase.google.com/docs/test-lab/android/get-started#ip-blocks
Sorry, there's currently no way to configure the network for devices in Firebase Test Lab. They are only able to access publicly available network resources.
Always feel free to file a feature request to see if there's anything that can be done to suit your needs.
Related
We are evaluating mesibo for InApp messaging within our SaaS application. We would need OnPrem setup to comply to Data compliance requirements.
One clarity we would need on this regard is, when we switch from Cloud to Onprem setup still client side code continues to use https://mesibo.com url. In this case we believe all the traffic gets routed to our OnPrem server via Mesibo server.
Please confirm if this understanding is right? If so would there be any data residing on Mesibo server? This clarity is required for us to respond to our customers.
Thanks
No, once you enable On-premise, your client directly connects to your on-premise server. You can verify it using netstat utility. mesibo cloud will have no access to your data.
Refer to the following to learn more https://mesibo.com/documentation/faq/on-premise/#do-i-need-to-change-or-recompile-my-apps-to-run-with-mesibo-on-premise
Mesibo APIs support both cloud and on-premise. By default, it connects
to the cloud. However, if the app is configured to be on-premise, the
mesibo cloud will refuse to serve and will ask the client to connect
to an on-premise server, and will disconnect. Then onward, the client
will directly connect to the on-premise server and then all the
messages and calls will route to your mesibo on-premise server.
I have a web app with a React frontend on Firebase that connects to a Django backend running on Google App Engine.
I have this setup duplicated for a "staging" environment. The problem is that anyone can access this staging environment.
I'd like to set this up so that you need to be on our VPN to access it.
Can someone point me in the right direction to setup this VPN and move the staging environment behind it?
If you are using Firebase Hosting I believe there's no other way to restrict the access and it does not have a firewall feature. You should use authentication method to restrict and limit who can access your web app.
In App Engine, you can restrict the access of your web server/application by using the following:
App Engine Firewall - #JohnHanley answer, control which using IP addresses can connect to the app.
Identity Aware Proxy - without using VPN you can limit who can access of your App Engine by using their user account. IAP is free but when used with Compute Engine, the required load balancing and firewall configuration may incur additional costs.
App Engine with Load Balancer - to secure and make your App Engine(Standard & Flexible) receives only internal and Cloud Load Balancing traffic
I'd like to set this up so that you need to be on our VPN to access
it.
You cannot limit access to just your VPN. App Engine is in Google's network and you cannot limit access based upon a VPN.
You can use App Engine firewall rules to control which IP addresses can connect to the service. Firebase however does not have firewall rules.
If the public side of your Internet router has a static IP address, then this is simple to setup.
I recommend using authorization to limit who can access your services.
I have some firebase functions that have to connect to a REST service running on a GCE machine in GCP (under the same project of course). The firewall is blocking the connection and the only way to make it happen was to open the port to everybody.
Does anybody know how can you specify firebase functions as source in a firewall rule?
You should use Service account in a source of firewall rule. Service account which is associated with you Fire-base Cloud function. Following steps will
Go the google cloud console and select with project name.
Go to the IAM section and find your service account with
(name="Google Cloud Functions Service Agent" and has #gcf.***.com)
Link this service account with firewall rule source.
I have a MySQL database instance on Google Cloud SQL. Currently it has over 10 authorized ip addresses since multiple teams are accessing it from various locations. I would like to know if I can setup a VPN to this database instance and authorize just this ip address, instead of 10 addresses.
If that's possible, I would also like to know how many user accounts I can create for one VPN. I could not understand the Google Cloud documentation about setting up VPN. Please provide links to websites/tutorials/documentation that can help me with setting up a VPN in Google Cloud Platform.
Thanks.
Using cloud VPN and authorize only its external IP will not work for two reasons:
1) You can not specify in cloud SQL a private network (for example, 10.x.x.x) as an authorized network. as documented here.
2) Packets will arrive to cloud SQL after decapsulation which means that Cloud SQL get them as they come from different source IPs.
If you want more secure connection without IP white-listing, maybe using cloud SQL proxy.
I have switched to using Firebase for hosting my website, a welcome change from the mayhem that is AppEngine. I have been reading through the documentation and have seen that Firebase has a serve cmd line tool which creates a server on my localhost but with AppEngine I was able to run a test server that looked like 192.168.0.00:8080 which allowed me to view my website on my phone and other devices connected to my network.
Is there a way to set this up with Firebase? Or maybe a better way to test my website (with it still being private) on multiple devices connected to the same network? Thanks!