Hello,
I set up Metabase in a GKE Autopilot private cluster in GCP, and I have BigQuery tables that I want to query from Metabase.
The thing is that I have set up Network Policies in my namespace to authorize traffic from the namespace where Metabase is running, the kube-proxy namespace, the VPC IP CIDR range, the IP of my database and the restricted+private CIDR of the BigQuery API (all ingress and egress on ports 443, 8080, 80, 8001, 3000, 53, TCP and UDP).
I also set up an FQDN Network Policy to allow egress to *.googleapis.com and oauth2.googleapis.com.
Without my Network Policies I can query BigQuery, but with this Network Policy it seems that the traffic is not passing.
Do you have ideas on how to authorize this flow?
{
  "browser-info": {
    "language": "en-GB",
    "platform": "MacIntel",
    "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0",
    "vendor": ""
  },
  "system-info": {
    "file.encoding": "UTF-8",
    "java.runtime.name": "OpenJDK Runtime Environment",
    "java.runtime.version": "11.0.23+9",
    "java.vendor": "Eclipse Adoptium",
    "java.vendor.url": "https://adoptium.net/",
    "java.version": "11.0.23",
    "java.vm.name": "OpenJDK 64-Bit Server VM",
    "java.vm.version": "11.0.23+9",
    "os.name": "Linux",
    "os.version": "5.10.213-201.855.amzn2.x86_64",
    "user.language": "en",
    "user.timezone": "GMT"
  },
  "metabase-info": {
    "databases": [
      "postgres",
      "redshift",
      "athena"
    ],
    "hosting-env": "unknown",
    "application-database": "postgres",
    "application-database-details": {
      "database": {
        "name": "PostgreSQL",
        "version": "13.12"
      },
      "jdbc-driver": {
        "name": "PostgreSQL JDBC Driver",
        "version": "42.7.2"
      }
    },
    "run-mode": "prod",
    "version": {
      "date": "2024-05-15",
      "tag": "v0.49.10",
      "hash": "432967f4"
    },
    "settings": {
      "report-timezone": "Europe/London"
    }
  }
}
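An added example, not part of the original post: a small offline check that models the CIDR and port allow-list described in the question and reports which egress flows it would deny. It does not model the FQDN Network Policy. The VPC range, the flow labels and the sample destination addresses are constructed assumptions; the two googleapis ranges are Google's published restricted and private VIP ranges.

```python
import ipaddress

# Ports and protocols the post says are allowed for ingress and egress.
ALLOWED_PORTS = {443, 8080, 80, 8001, 3000, 53}
ALLOWED_PROTOCOLS = {"TCP", "UDP"}

# Egress ipBlock CIDRs. The VPC range is a constructed placeholder.
ALLOWED_CIDRS = {
    "vpc (constructed)": ipaddress.ip_network("10.0.0.0/8"),
    "restricted.googleapis.com": ipaddress.ip_network("199.36.153.4/30"),
    "private.googleapis.com": ipaddress.ip_network("199.36.153.8/30"),
}

def egress_verdict(dest_ip, port, protocol):
    """Return the name of the CIDR rule that admits the flow, or None if denied."""
    if port not in ALLOWED_PORTS or protocol.upper() not in ALLOWED_PROTOCOLS:
        return None
    addr = ipaddress.ip_address(dest_ip)
    for name, network in ALLOWED_CIDRS.items():
        if addr in network:
            return name
    return None

def denied_flows(flows):
    """Return the labels of flows that no CIDR/port rule admits."""
    return [label for label, ip, port, proto in flows
            if egress_verdict(ip, port, proto) is None]

# Constructed sample flows: (label, destination IP, port, protocol).
SAMPLE_FLOWS = [
    ("dns lookup to cluster resolver", "10.0.0.10", 53, "UDP"),
    ("bigquery via private VIP", "199.36.153.9", 443, "TCP"),
    ("bigquery via restricted VIP", "199.36.153.5", 443, "TCP"),
    # Stand-in for a public address returned by an unmodified DNS answer.
    ("bigquery via public DNS answer", "203.0.113.10", 443, "TCP"),
    ("database on non-listed port", "10.1.2.3", 5432, "TCP"),
]

if __name__ == "__main__":
    for label in denied_flows(SAMPLE_FLOWS):
        print("DENIED:", label)
```

Feeding it the addresses that the Metabase pod actually resolves for the BigQuery and OAuth hostnames shows whether those destinations fall inside the allowed CIDRs or depend entirely on the FQDN policy.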