This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Cloud Functions deployed in asia-northeast1 are being executed from a US IP addres

Posted 3 weeks ago
eto_skygroup
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

I deployed Cloud Functions to asia-northeast1. I wrote the following code in Node.js and ran a test. The IP address included in the response was 107.178.234.95, which makes it appear as if it is being executed from the United States.

    const response = await axios.get('https://api.ipify.org?format=json');
    console.log(response.data.ip);

 

The reason I am investigating this is that requests sent from Cloud Functions to AWS CloudFront, which has geographical restrictions to allow access only from Japan, are being blocked with a 403 error. The specific error message was, "The Amazon CloudFront distribution is configured to block access from your country."

How can I ensure that the IP address used by Cloud Functions is from asia-northeast1 (Tokyo)?

キャプチャ.PNG

Solved Solved
0 2 82
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
VaidehiJ
Staff
Reply posted on --/--/---- --:-- AM

Hello , 

Welcome to Google Cloud Community!

I could understand from your question above that the function is deployed in asia-northeast1, however the endpoint IP seen is from a US IP address. Please note that Google's network tries to route requests into the global Google network as early as possible, so when it is seen from outside ,the endpoint from a US-based IP, they will see a US-based IP address. Also as the deploying and serving region is asia-northeast1 requests will still be served by the function in asia-northeast1. 

Also as you mentioned that you need to restrict specific geographical restrictions to allow access only from Japan you may achieve this requirement by creating a static external IP address in the same region. To achieve this you may check this document which shows how to reserve IP address to a cloud function.

 

If you have any other questions or concerns about your issue, please do not hesitate to reply back here.

View solution in original post

Jump to Solution
2 REPLIES 2

Posted on --/--/---- --:-- AM
VaidehiJ
Staff
Reply posted on --/--/---- --:-- AM

Hello , 

Welcome to Google Cloud Community!

I could understand from your question above that the function is deployed in asia-northeast1, however the endpoint IP seen is from a US IP address. Please note that Google's network tries to route requests into the global Google network as early as possible, so when it is seen from outside ,the endpoint from a US-based IP, they will see a US-based IP address. Also as the deploying and serving region is asia-northeast1 requests will still be served by the function in asia-northeast1. 

Also as you mentioned that you need to restrict specific geographical restrictions to allow access only from Japan you may achieve this requirement by creating a static external IP address in the same region. To achieve this you may check this document which shows how to reserve IP address to a cloud function.

 

If you have any other questions or concerns about your issue, please do not hesitate to reply back here.

Jump to Solution

Posted on --/--/---- --:-- AM
eto_skygroup
Bronze 2
Bronze 2
In response to VaidehiJ
Reply posted on --/--/---- --:-- AM

okey, thank you for your reply!

I'll take a look at the document

Jump to Solution
0 Likes
Top Solution Authors
View all