Cloud Identity-Aware Proxy

Use identity to guard access for applications deployed on GCP

Try Cloud Identity-Aware Proxy View My Console

Use Identity to Sign Into Apps

Cloud Identity-Aware Proxy (Cloud IAP) controls access to your cloud applications running on Google Cloud Platform. Cloud IAP works by verifying a user’s identity and determining if that user should be allowed to access the application. Cloud IAP is a building block toward BeyondCorp, an enterprise security model that enables every employee to work from untrusted networks without the use of a VPN.

Simpler for Cloud Admins

Add secure web access to an application in less time than it takes to implement a VPN. Let your developers focus on their application logic, while Cloud IAP takes care of authentication and authorization. Only authenticated users are granted access to the application.

Simpler for Remote Workers

End-users point their web browser to an internet-accessible url to access Cloud IAP-secured applications. No VPN client is required.

Control Access by User Identity

Administrators create policies to specify which groups of identities are granted access to GCP-hosted applications.

Secure Access Administration

Configure a single layer of security to manage user access to cloud applications. Administrators can improve security with Security Key Enforcement to deter phishing.

Cloud Identity-Aware Proxy Features

Use identity to guard access for applications deployed on GCP.

Identity-based access control
Cloud IAP uses identity to protect access for applications deployed on GCP.
Saves admin time
Faster to deploy than a VPN. Once deployed, Cloud IAP provides a single point of control for managing user access to web applications.
Free of charge
There is no charge for identity-based access controls.
Saves end-user time
Faster to sign into than a VPN. No VPN client login.
Deploys in minutes
Let your developers focus on their application logic, while Cloud IAP takes care of authentication and authorization.

Cloud Identity-Aware Proxy Pricing

There is no charge for using Cloud IAP. However, when used with Google Compute Engine, the required load balancing and firewall configuration may incur additional costs. Read more about load balancing and protocol forwarding pricing in the Compute Engine pricing guide.

Cloud Identity-Aware Proxy for App Engine flexible environment is in beta. This feature is not covered by any SLA or deprecation policy and may be subject to backward-incompatible changes for App Engine flexible environment.

Monitora le risorse ovunque ti trovi

Utilizza l'app Google Cloud Console per gestire i progetti.