In light of recent attacks against cloud-based users, Google added new capabilities to Cloud Armor.

In a recent blog post, Google stated that modern cyberattacks use increasingly comprehensive techniques like volumetric floods, bot-based attacks, API abuse and DDoS attacks.

Google Cloud Armor aims to thwart these attacks by adding new updates and patches. Google Cloud Armor is the main line of defence for internal services (e.g. YouTube and Gmail) and external services (e.g. customers’ apps).

Rate limiting may be one of the most useful new features. To combat high-volume requests like DDoS attacks, customers are able to limit the rate of requests that their applications and services receive.

Rate limiting

Rate limiting allows setting limitations on the amount of traffic sent towards backend resources. By doing so, the feature prevents unwelcome traffic that consumes too many resources and impacts the availability of a service.

With the update, Cloud Armor offers customers two types of rate limits. One enforces a maximum request limit per client and the second enforces a maximum request count on all client-based HTTP properties.