—/100
Checkpoints
Remove the overly permissive rules
/ 10
Start the bastion host instance
/ 10
Create a firewall rule that allows SSH (tcp/22) from the IAP service and add network tag on bastion
/ 20
Create a firewall rule that allows traffic on HTTP (tcp/80) to any address and add network tag on juice-shop
/ 20
Create a firewall rule that allows traffic on SSH (tcp/22) from acme-mgmt-subnet network address and add network tag on juice-shop
/ 20
SSH to bastion host via IAP and juice-shop via bastion
/ 20
Build and Secure Networks in Google Cloud: Challenge Lab
GSP322
Overview
For this Challenge Lab you must complete a series of tasks within a limited time period. Instead of following step-by-step instructions, you'll be given a scenario and task - you figure out how to complete it on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly.
To score 100% you must complete all tasks within the time period!
When you take a Challenge Lab, you will not be taught Google Cloud concepts. You'll need to use your advanced Compute Engine and general Google Cloud skills to assess how to build the solution to the challenge presented. This lab is only recommended for students who have advanced Google Cloud and Compute Engine skills. Are you up for the challenge?
Topics tested
- Secure remote ssh access via IAP-enabled bastion
- Firewall configuration and review
Prerequisites
- Familiarity with VPC Networks
- Firewall rules and network tags
- IAP
Bergabunglah dengan Qwiklabs untuk membaca tentang lab ini selengkapnya... beserta informasi lainnya!
- Dapatkan akses sementara ke Google Cloud Console.
- Lebih dari 200 lab mulai dari tingkat pemula hingga lanjutan.
- Berdurasi singkat, jadi Anda dapat belajar dengan santai.