Identity-Aware Proxy documentation
Identity-Aware Proxy (IAP) lets you manage access to applications running in App Engine standard environment, App Engine flexible environment, Compute Engine, and GKE. IAP establishes a central authorization layer for applications accessed by HTTPS, so you can adopt an application-level access control model instead of using network-level firewalls. When you turn on IAP, you must also use signed headers to secure your app.
Documentation resources
Guides
-
Quickstart: Authenticate users with Google Accounts
-
Using IAP for TCP forwarding
-
Programmatic authentication
-
Identity-Aware Proxy overview
-
Setting up an external HTTPS load balancer
-
Enabling IAP for GKE
-
Managing access to IAP-secured resources
-
Securing your app with signed headers
-
Enabling IAP for on-premises apps
-