GCP Classroom Series – 18/Feb/2021


  • Firewall is all about allowing and denying network traffic
  • Corporate Firewall/Tradational firewall Preview
  • Google also has a virtual firewall which is defined at network level but is enforced for each instance Preview
  • No firewall means
    • no ingress => no packets are allowed to communicate into GCP VM Instance
    • full egress => all the packets will be allowed to communicate from GCP VM Instance
  • Firewall has Rules, which managed external & internal access to resources
  • Implied => deny all ingress
  • Implied => Allow all egress
  • Firewal Rule Components
    • Direction: Ingress or Egress
    • Target: GCP resources the rule applies to: Entire network, Target Tags, Service Account
    • Source/Destination Filter: Incoming Sources, Outgoing Destination that the rule applies to
    • Action: Allow or Deny
    • Protocol/Port: Protocols and ports that are allowed/denied
    • Priority: Priority to give overlapping/conflicting rules a winner (Lower the number higher the priority)
  • The default firewall rules created by GCP for default vpc are as shown below Preview
  • Lets quickly create a virtual instance in default network with any linux os in us-central1
  • Then create one more virtual machine in default network with any linux os in us-east1 Preview
  • Now connect to vm1 using browser ssh session
  • Vm1 which we created is able to ping internet and also vm2 using internal ip


  • Create a custom vpc with two subnets in us-central1 and us-east1 Preview
  • Now create a vm in us-central1 and us-east1 Preview
  • Try to connect to the vm created. Preview
  • We will not be able to login as default/implied firewall rule comes into play
  • Now create a firewall rule which allows ssh traffic for the vm with tag webserver Preview
  • After this we should be able to login into web server
  • Now lets create a firewall rule which allows ssh from webserver into appserver
    • Create a tag for appserver

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin