Google Cloud Platform – DDoS Mitigation Strategies

ddos google-cloud-platform

If I block IP addresses in Google Cloud Platform and I get a DDoS attack from those blocked IP addresses, will Google Cloud handle the attack or null route my Google VM IP?

Best Answer

The VPC firewall rules can prevent ingress traffic from reaching your VM. Whether that protects against DDoS or not depends on whether the bottleneck is before or after the firewall.

The documentation doesn't mention where the bottleneck will be in your scenario, and it doesn't mention how it will respond to a DDoS attack.

So your question cannot be answered from the documentation alone. The prudent course of action would be to assume there is no DDoS protection or directly ask Google Cloud Platform support.

The protection which the firewall rules do give you when configured correctly is that the traffic won't reach your VMs. If, for example, you were running a service which could be used for amplification attacks, then protecting that service with firewall rules can prevent your VMs from being used in such DDoS attacks against others.

However, Google Cloud does have a product which offers DDoS protection. That product is called Cloud Armor and is currently in the beta phase.

So if you have a service running on Google Compute Engine and that service is provided over HTTP(S), I would recommend using Cloud Armor if you need DDoS protection.
