Using Google Compute Engine as a proxy for a Google App Engine web app

Question

I have a Java web app on Google App Engine which makes requests to an external API. The API recently requires the whitelisting of IP addresses in order to access its service

Answer 1

You can solve the issue by configuring your app engine instances and custom NAT instance in same VPC custom network with routing rules.

Related google documents are below;

1. Configure a Compute Engine VM instance as Nat Gateway (https://cloud.google.com/vpc/docs/special-configurations#natgateway)

2. Create routing rule for this instance (https://cloud.google.com/vpc/docs/using-routes#addingroute) and (https://cloud.google.com/vpc/docs/using-routes#canipforward)

3. Configure your app.yaml network properties (https://cloud.google.com/appengine/docs/flexible/java/configuring-your-app-with-app-yaml#network_settings)

If you have complex system, I highly recommend you to create subnetwork and a certain tag to flog which GAE instances to be forwarded to NAT gateway.