menu
arrow_back
Back

Build and Secure Networks in Google Cloud: Challenge Lab

—/100

Checkpoints

arrow_forward

Remove the overly permissive rules

Start the bastion host instance

Create a firewall rule that allows SSH (tcp/22) from the IAP service and add network tag on bastion

Create a firewall rule that allows traffic on HTTP (tcp/80) to any address and add network tag on juice-shop

Create a firewall rule that allows traffic on SSH (tcp/22) from acme-mgmt-subnet network address and add network tag on juice-shop

SSH to bastion host via IAP and juice-shop via bastion

Build and Secure Networks in Google Cloud: Challenge Lab

1 hour 9 Credits

GSP322

Google Cloud Self-Paced Labs

Overview

In a challenge lab you’re given a scenario and a set of tasks. Instead of following step-by-step instructions, you will use the skills learned from the labs in the quest to figure out how to complete the tasks on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly.

When you take a challenge lab, you will not be taught new Google Cloud concepts. You are expected to extend your learned skills, like changing default values and reading and researching error messages to fix your own mistakes.

To score 100% you must successfully complete all tasks within the time period!

Topics tested

  • Secure remote ssh access via IAP-enabled bastion
  • Firewall configuration and review

Prerequisites

  • Familiarity with VPC Networks
  • Firewall rules and network tags
  • IAP

Join Qwiklabs to read the rest of this lab...and more!

  • Get temporary access to the Google Cloud Console.
  • Over 200 labs from beginner to advanced levels.
  • Bite-sized so you can learn at your own pace.
Join to Start This Lab