This medium article focusses on the detailed walkthrough of the steps I took to solve the challenge lab of the Build and Secure Networks in Google Cloud in Google Cloud Skill Badge on the Google Cloud Platform (Qwiklabs). I got access to this lab in the Google Cloud Ready Facilitator Program. Thanks to Google!

Till now, I have completed over 100 labs and 23 quests on Qwiklabs. Below is the reference to my profile.

This lab is only recommended for students who have completed the labs in the Google Cloud Essentials. Are you up for the challenge? Let’s go!

Challenge Scenario

There are 6 small tasks in this challenge lab, all of which should be completed to score 100/100. This tutorial list out the steps I took to solve all the six challenges within the lab. The six tasks are as follows:

1. Removing the overly permissive rules i.e. the existing firewall.
2. **Starting the bastion **host instance.
3. Creating a firewall rule that allows SSH (tcp/22) from the IAP service and adding network tag on bastion.
4. Creating a firewall rule that allows traffic on HTTP (tcp/80) to any address and adding network tag on juice-shop.
5. Creating a firewall rule that allows traffic on SSH (tcp/22) from acme-mgmt-subnet network address and adding network tag on juice-shop.
6. SSH to bastion host via IAP and juice-shop via bastion.

#cloud-computing #firewall #google-cloud-platform #data-science