1. Open the Google Cloud Console and select the project in which the Cloud CDN has been configured.
2. In the left-hand side menu, click on “Cloud CDN”.
3. In the Cloud CDN dashboard, click on the name of the CDN you want to modify.
4. In the CDN details page, click on the “Backend configuration” tab.
5. In the “Backend configuration” tab, click on the “Edit” button.
6. In the “Edit backend configuration” page, scroll down to the “Backend service” section.
7. In the “Backend service” section, click on the “Edit” button.
8. In the “Edit backend service” page, scroll down to the “Protocol” section.
9. In the “Protocol” section, select “HTTPS” from the drop-down list.
10. In the same section, select the “Port number” as per your requirement.
11. Click on the “Save” button to save the changes.
12. Repeat steps 5-11 for all the backend services used by the CDN.

​

1. Open the Cloud Shell in your GCP console.
2. Run the following command to list all the backend services in your project:
   Copy

   Ask AI

   gcloud compute backend-services list
   
3. Identify the backend service that needs to be remediated and note down its name.
4. Run the following command to update the backend service and enable secure listeners:
   Copy

   Ask AI

   gcloud compute backend-services update <BACKEND_SERVICE_NAME> --enable-cdn --protocol HTTPS --global
   
   Replace <BACKEND_SERVICE_NAME> with the actual name of the backend service that needs to be remediated.
5. Verify the configuration by running the following command:
   Copy

   Ask AI

   gcloud compute backend-services describe <BACKEND_SERVICE_NAME> --global
   
   This command will display the details of the backend service, including the protocol and port used for the secure listener.
6. Repeat the above steps for all the backend services in your project that need to be remediated.

1. Import the required libraries:

from googleapiclient.discovery import build
from google.oauth2 import service_account

2. Set up the authentication using a service account:

credentials = service_account.Credentials.from_service_account_file(
    'path/to/service_account.json')

3. Build the Cloud CDN API client:

cdn = build('cdn', 'v1', credentials=credentials)

4. Get the list of backend services using the projects().global().backendServices().list() method:

backend_services = cdn.projects().global().backendServices().list(
    project='your-project-id').execute()

5. Loop through each backend service and check if it has a secure listener:

for backend_service in backend_services['items']:
    if '443' not in backend_service['port']:
        # Update the backend service to use a secure listener
        backend_service['port'].append('443')
        cdn.projects().global().backendServices().update(
            project='your-project-id',
            backendService=backend_service['name'],
            body=backend_service).execute()

6. Save the changes and exit the script.