Binance 搞事．限制API來源國家的使用

# Binance 搞事．限制API來源國家的使用 ![](https://i.imgur.com/c0lcsvY.png) 就如罐頭訊息般的回文，讓我對於 GCP 失效很焦慮． ## GCP(Google Cloud Function) * 我選擇亞洲的區的甚至台灣區的 server 怎麼還不行？讓我們 deploy 一隻小程式顯示來源IP． ``` result = requests.get("https://api.ipify.org?format=json") return json.dumps(result.json()) ``` 結果為 35.203.255.124 用網路現成的查詢IP服務，才發現這是美國的ＩＰ，難怪 Binance 會一直阻擋． ![](https://i.imgur.com/LspXcFV.png) ## 解法．設定 VPC (Vitrual Private Cloud Network) ![](https://i.imgur.com/0UIZTBq.png) ### 使用 Google Cloud SDK 完成按照以下步驟重新部署後，對外連線的ＩＰ就是你指定地區的固定ＩＰ．這樣好處還不錯，還可以在其他服務中設定白名單．因為幣安搞事讓我又學到了.....Orz #### Create VPC ``` gcloud services enable compute.googleapis.com gcloud compute networks create my-vpc \ --subnet-mode=custom \ --bgp-routing-mode=regional ``` #### Create a Serverless VPC Access connectors ``` gcloud services enable vpcaccess.googleapis.com gcloud compute networks vpc-access connectors create functions-connector \ --network my-vpc \ --region asia-east1 \ --range 10.8.0.0/28 ``` #### Grant Permissions ``` export PROJECT_ID=$(gcloud config list --format 'value(core.project)') export PROJECT_NUMBER=$(gcloud projects list --filter="$PROJECT_ID" --format="value(PROJECT_NUMBER)") gcloud projects add-iam-policy-binding $PROJECT_ID \ --member=serviceAccount:service-$PROJECT_NUMBER@gcf-admin-robot.iam.gserviceaccount.com \ --role=roles/viewer gcloud projects add-iam-policy-binding $PROJECT_ID \ --member=serviceAccount:service-$PROJECT_NUMBER@gcf-admin-robot.iam.gserviceaccount.com \ --role=roles/compute.networkUser ``` #### Configurate the connector ``` gcloud functions deploy %你自己的 Google Cloud Function% \ --runtime python37 \ --entry-point main \ --trigger-http \ --allow-unauthenticated \ --vpc-connector functions-connector \ --egress-settings all \ --region asia-east1 ``` #### Reserve static IP ``` gcloud compute addresses create functions-static-ip \ --region=asia-east1 ``` #### Creating the Cloud Router ``` gcloud compute routers create my-router \ --network my-vpc \ --region asia-east1 ``` #### Creating Cloud Nat ``` gcloud compute routers nats create my-cloud-nat-config \ --router=my-router \ --nat-external-ip-pool=functions-static-ip \ --nat-all-subnet-ip-ranges \ --enable-logging ``` 來源參考資料： https://github.com/AlvarDev/functions-static-ip ###### tags: `疑難雜症` `Binance`