How can I enable HSTS on the default Google Load Balancer coming with Google Container Engine?

Solution 1:

HSTS is currently not possible by Google Cloud Load Balancer. There is a feature request already open for this feature . You can subscribe to the feature request for updates.

Solution 2:

Google Cloud seems to support now custom request and response headers for HTTP(S) Load Balancers. I've added a custom Strict-Transport-Security response header for our backend and it works as expected.

In the given example we use a backend bucket, however the custom header option is available for other backend types too.

Example custom response header