I have a GAE project (flexible) consisting of 1 default and 2 subservices:
foo.appspot.com
service1.foo.appspot.com
service2.foo.appspot.com
Now I want to use foo.appspot.com
as API proxy & auth gateway to the internal services service1
and service2
. The proxy itself I wrote and it is working fine.
I am struggling with adjusting the GAE Firewall to forbid incoming world traffic to service1
and service2
because I would like force an API user to send requests to foo.appspot.com
. Traffic to the default service foo
should be allowed.
It seems I can just enter IPs in the Firewall settings but not service names. The docs says that it should work but does not show how.
Thanks for the help!