Cloud Armor
Definition
A Google Cloud security service that provides DDoS protection and a web application firewall (WAF) to defend applications against online threats.
Use Cases
- Google Cloud: Protecting Google Cloud HTTP(S) Load Balancing customers from application-layer attacks and volumetric traffic spikes. Cloud Armor policies are attached to external HTTP(S) Load Balancers and backend services, using preconfigured WAF rules (based on OWASP patterns), custom allow/deny rules, and rate limiting to block abusive clients at the edge. Outcome: reduced exposure to common web exploits and improved resilience during traffic surges by filtering malicious requests before they reach application backends.
- Common industry pattern: E-commerce flash sale protection against bot-driven scraping, credential stuffing, and L7 DDoS during peak events. Teams place their storefront behind Google Cloud external HTTP(S) Load Balancing, enable Cloud Armor WAF preconfigured rules, add rate limits per IP/region, and create allowlists for trusted partners and health checks. Outcome: fewer successful malicious requests reaching the origin, more stable checkout performance during peak demand, and lower incident response load during sales events.
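The flash-sale setup described above, written as a Terraform security policy. This is an added example, not configuration from this page or from Google. The policy name, partner IP range, and rate-limit threshold are constructed assumptions.

```hcl
# Added example: names, IP range and thresholds are constructed placeholders.
resource "google_compute_security_policy" "storefront" {
  name = "storefront-edge-policy" # hypothetical name
  # Rules are evaluated lowest priority number first; the first match decides.
  rule {
    action   = "allow"
    priority = 100
    match {
      versioned_expr = "SRC_IPS_V1"
      config { src_ip_ranges = ["203.0.113.0/24"] } # constructed partner range
    }
  }
  # Preconfigured WAF rules: block SQL injection and XSS signatures.
  rule {
    action   = "deny(403)"
    priority = 1000
    match {
      expr { expression = "evaluatePreconfiguredExpr('sqli-stable') || evaluatePreconfiguredExpr('xss-stable')" }
    }
  }
  # Per-client-IP rate limit for everything that passed the WAF rule.
  rule {
    action   = "throttle"
    priority = 2000
    match {
      versioned_expr = "SRC_IPS_V1"
      config { src_ip_ranges = ["*"] }
    }
    rate_limit_options {
      conform_action = "allow"
      exceed_action  = "deny(429)"
      enforce_on_key = "IP"
      rate_limit_threshold {
        count        = 100 # assumed: requests allowed per interval
        interval_sec = 60
      }
    }
  }
  # Default rule: required catch-all at the lowest priority.
  rule {
    action   = "allow"
    priority = 2147483647
    match {
      versioned_expr = "SRC_IPS_V1"
      config { src_ip_ranges = ["*"] }
    }
  }
}
```

The policy only takes effect once a backend service references it through its `security_policy` attribute. Because the allowlist rule matches first, traffic from the partner range skips both the WAF and the rate limit, so keep that range as narrow as possible.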
Provider Equivalents
- AWS: AWS WAF and AWS Shield
- Azure: Azure Web Application Firewall and Azure DDoS Protection
- GCP: Google Cloud Armor
- OCI: OCI Web Application Firewall and OCI DDoS Protection
Frequently Asked Questions
- What's the difference between Cloud Armor and Cloud CDN?
  Cloud CDN speeds up content delivery by caching responses closer to users. Cloud Armor is a security layer that blocks or rate-limits malicious traffic (like DDoS or web attacks). They’re often used together: CDN improves performance, while Cloud Armor reduces harmful requests before they hit your application.
- When should I use Cloud Armor?
  Use Cloud Armor when you expose web applications or APIs over HTTP(S) through Google Cloud external HTTP(S) Load Balancing and you need protection from common web attacks (for example SQL injection or XSS), bot/abuse traffic, or application-layer DDoS. It’s especially useful for internet-facing services, login endpoints, checkout flows, and any API that could be targeted for scraping or brute-force attempts.
- How much does Cloud Armor cost?
  Pricing is usage-based and typically depends on factors like the number of security policies, the number of rules you configure (including preconfigured WAF rules), and the volume of requests evaluated by Cloud Armor. Costs can increase with higher traffic, more complex rule sets, and advanced features such as rate limiting. For exact numbers, use the Google Cloud Pricing page and estimate with your expected request volume and policy/rule count.
Category: security
Difficulty: intermediate