Chosing the right configuration to secure my app (n8n) on GKE

Hi There,

I’m new with Google Cloud and I will host a n8n on GKE (standard).

My question is about security and webhooks.
I’ve heard it is necessary to setup a reverse proxy to use webhooks.

Could you please help me select the right configuration to secure the connexion (https) and manage webhooks properly ?

Thanks a lot,
JP

Hello @Jean-Philippe ,

Welcome to Google Cloud Community!

Here are some tips to secure your n8n instance hosted on GKE for handling webhooks.

Setup a reverse proxy for Webhook security
Choose the right reverse proxy
HTTPS with SSL/TLS:

• Enable HTTPS in your reverse proxy configuration.
• Obtain SSL/TLS certificates: You can either use self-signed certificates for testing or obtain certificates from trusted CAs for production environments.
• Configure SSL/TLS termination on the reverse proxy. This ensures that only encrypted connections reach your n8n instance.

Webhook Management:

• Configure n8n webhooks: Define webhooks within n8n specifying their URL endpoints.
• Use secure connections: Ensure webhook URLs (exposed by the reverse proxy) use HTTPS and are accessible to the authorized senders.
• Implement authentication and authorization: Use appropriate mechanisms like API keys, tokens, or challenge-response to restrict access to your webhooks and prevent unauthorized data manipulation. Consider using n8n’s native features or additional security plugins for authentication and authorization.
• Monitor and log webhook activity: Monitor and log webhook requests to track usage, identify potential issues, and maintain an audit trail.

See resources below that might be helpful for you
https://www.doit.com/securely-access-aws-from-gke/
https://github.com/elastic/cloud-on-k8s/issues/1437
https://cloud.google.com/kubernetes-engine/docs/how-to/optimize-webhooks
https://cloud.google.com/kubernetes-engine/docs/deprecations/webhookcompatibility

Don’t hesitate to post back any questions here. We are delighted to try and help.

Thanks!