In GKE you can use External Ingress Controller to expose a service to the world and if you want you can use Google Cloud Armor to manage traffic and if required deny it with codes 403, 404, 502.
Lets say I have two services under External Ingress Controller: page1.com and page2.com
Is there a way to configure Ingress Controller (not necessarily via External Ingress Controller) so that page1.com would be accessible to anyone and page2.com would be accessible only to specific IP (lets say my home IP) and if you try to access page2.com from some other IP your attempt would just timeout instead of returning 403, 404 or 502?
I saw that there is an option to use Internal Load Balancer which would be accessible via Cloud VPN or IAP but they don't seem to fit as with Cloud VPN (if I understood correctly) you need some on-prem network and with IAP you would still get a prompt to login with Google Account instead of timing out.