No. These microservices are sitting behind a firewall that doesn’t allow any request from outside. The firewall is something you can configure when you deploy your application to say, AWS.
You’ll only allow requests to Gateway and block everything else. Only the gateway is able to talk to these services and no one else.