Restrict access to analytics configurator endpoint to .com only
Problem to solve
It is currently possible for clients from outside of GitLab.com to call the configurator for both our private and shared cluster.
Proposed solution
Use Google Cloud Armor to restrict access to this new configurator endpoint to only accept requests from .com.
1️⃣
Implementation plan - - Update the GCA policies for production and .com as per our docs to restrict access to requests made only from .com.
Edited by Max Woolf