Remove the overly permissive rules
Start the bastion host instance
Create a firewall rule that allows SSH (tcp/22) from the IAP service and add network tag on bastion
Create a firewall rule that allows traffic on HTTP (tcp/80) to any address and add network tag on juice-shop
Create a firewall rule that allows traffic on SSH (tcp/22) from acme-mgmt-subnet network address and add network tag on juice-shop
SSH to bastion host via IAP and juice-shop via bastion
Build and Secure Networks in Google Cloud: Challenge Lab
For this Challenge Lab you must complete a series of tasks within a limited time period. Instead of following step-by-step instructions, you'll be given a scenario and task - you figure out how to complete it on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly.
To score 100% you must complete all tasks within the time period!
When you take a Challenge Lab, you will not be taught Google Cloud concepts. You'll need to use your advanced Compute Engine and general Google Cloud skills to assess how to build the solution to the challenge presented. This lab is only recommended for students who have advanced Google Cloud and Compute Engine skills. Are you up for the challenge?
- Secure remote ssh access via IAP-enabled bastion
- Firewall configuration and review
- Familiarity with VPC Networks
- Firewall rules and network tags
이 실습의 나머지 부분과 기타 사항에 대해 알아보려면 Qwiklabs에 가입하세요.
- Google Cloud Console에 대한 임시 액세스 권한을 얻습니다.
- 초급부터 고급 수준까지 200여 개의 실습이 준비되어 있습니다.
- 자신의 학습 속도에 맞춰 학습할 수 있도록 적은 분량으로 나누어져 있습니다.