Cloud Identity-Aware Proxy
Use identity to guard access for applications deployed on GCP
Try Cloud Identity-Aware Proxy View My ConsoleUse Identity to Sign Into Apps
Cloud Identity-Aware Proxy (Cloud IAP) controls access to your cloud applications running on Google Cloud Platform. Cloud IAP works by verifying a user’s identity and determining if that user should be allowed to access the application. Cloud IAP is a building block toward BeyondCorp, an enterprise security model that enables every employee to work from untrusted networks without the use of a VPN.
Simpler for Cloud Admins
Add secure web access to an application in less time than it takes to implement a VPN. Let your developers focus on their application logic, while Cloud IAP takes care of authentication and authorization. Only authenticated users are granted access to the application.
Simpler for Remote Workers
End-users point their web browser to an internet-accessible url to access Cloud IAP-secured applications. No VPN client is required.
Control Access by User Identity
Administrators create policies to specify which groups of identities are granted access to GCP-hosted applications.
Secure Access Administration
Configure a single layer of security to manage user access to cloud applications. Administrators can improve security with Security Key Enforcement to deter phishing.
Cloud Identity-Aware Proxy Features
Use identity to guard access for applications deployed on GCP.
- Identity-based access control
- Cloud IAP uses identity to protect access for applications deployed on GCP.
- Saves admin time
- Faster to deploy than a VPN. Once deployed, Cloud IAP provides a single point of control for managing user access to web applications.
- Free of charge
- There is no charge for identity-based access controls.
- Saves end-user time
- Faster to sign into than a VPN. No VPN client login.
- Deploys in minutes
- Let your developers focus on their application logic, while Cloud IAP takes care of authentication and authorization.
Cloud Identity-Aware Proxy Pricing
There is no charge for using Cloud IAP. However, when used with Google Compute Engine, the required load balancing and firewall configuration may incur additional costs. Read more about load balancing and protocol forwarding pricing in the Compute Engine pricing guide.