Documentación de Identity-Aware Proxy
Identity-Aware Proxy (IAP) te permite administrar el acceso a aplicaciones que se ejecutan en el entorno estándar y en el entorno flexible de App Engine, Compute Engine y GKE. IAP establece una capa de autorización central para las aplicaciones a las que se accede a través de HTTPS, por lo que puedes adoptar un modelo de control de acceso a nivel de aplicación en lugar de usar firewalls a nivel de red. Cuando activas IAP, también debes usar encabezados firmados para proteger tu app.
Comienza tu próximo proyecto con un crédito gratis de $300
Crea y prueba una prueba de concepto con los créditos de la prueba gratuita y el uso mensual gratuito de más de 20 productos.
Recursos de documentación
Guías
-
Guía de inicio rápido: Autentica usuarios con Cuentas de Google
-
Uso de IAP para redirección de TCP
-
Autenticación programática
-
Descripción general de Identity-Aware Proxy
-
Configura un balanceador de cargas HTTPS externo
-
Habilita IAP para GKE
-
Administra el acceso a los recursos protegidos con IAP
-
Protege tu app con encabezados firmados
-
Habilita IAP para aplicaciones locales
-
Recursos relacionados
Videos relacionados
Cloud Run user auth for internal apps
Enabling IAP for Cloud Run → https://goo.gle/43O59zz GitHub → https://goo.gle/3Ch8gUK In this video, Martin demonstrates how to host an application on Cloud Run using Google's Identity-Aware Proxy and ensure only a list of approved users can access
Top 3 pain points for serverless developers
This is the 100th episode of Serverless Expeditions! To celebrate, Martin and Wes discuss 3 top obstacles for serverless developers and how to overcome them. Watch along to learn how an old circuit board and imaginary maps can help you think
Designing a serverless finance system on Google Cloud
Identity Aware Proxy → https://goo.gle/3DqLybV App Engine → https://goo.gle/3co26FC Cloud SQL → https://goo.gle/3codnWw It’s time to design another serverless app! Let’s say you need a process for your employees and vendors to submit expenses so the
Centralize access to your organization’s websites with Identity Aware Proxy (IAP)
Controlling access to websites and apps → http://goo.gle/2LVC0jD Control access to your web sites with Identity-Aware Proxy → http://goo.gle/3o5x5cN Most large organizations have multiple web systems, from public websites to internal tools used by
Getting started with BeyondCorp: A deeper look into IAP
An increasing number of Fortune 500 companies have adopted Google Cloud’s Zero Trust solution to protect access to applications across multiple clouds and on-premises data centers. Learn why your company may need to adopt a new security model (known
Top 3 data risks in Cloud Security
Welcome to the second episode of Cloud Security Basics, where Carter Morgan speaks to the second Cloud Security risk: data. Specifically, he talks how you can prevent problems with the data you store. He also talks about the various Google Cloud
Top 3 access risks in Cloud Security
Welcome to the second episode of Cloud Security Basics, where Carter Morgan goes over the different ways that an entity can gain access to your systems. In this episode, he talks about the common strategies that are used to gain access like:
Securing App Engine apps with IAP
Learn how to secure an App Engine app with Identity-Aware Proxy, so that only the right people, and the right devices, are able to use your app. Identity-Aware Proxy quickstart → https://goo.gle/2lDGaiS Cloud Identity-Aware Proxy overview →
How Airbnb Secured Access to Their Cloud With Context-Aware Access (Cloud Next '19)
Learn how Airbnb uses context-aware access to protect applications running on-premises and in other clouds. Envisioned in 2011, the BeyondCorp security model leverages identity and context to evaluate trust for access decisions rather than using the
IAP Setup and Admin best practices
In this episode of BeyondCorp in a bottle,, Max Saltonstall walks us through setting up Cloud Identity-Aware Proxy and admin best practices. Check out this blog post here for more details → http://bit.ly/2HhpO83 BeyondCorp Enterprise Security →
How to get IAP Up and Running
In this episode of BeyondCorp in a Bottle, we tackle a common issue where as your company continues to grow, so do the applications and services that you provide. Managing these resources that interact with each other across disparate networks can
What is BeyondCorp? What is IAP
BeyondCorp is Google’s new zero trust security approach on granting employees remote access without the traditional VPN. In this episode, Max will provide further explanation on BeyondCorp’s model as well as how you can get started. BeyondCorp
Giving Employees Smart Access from Anywhere
Did you know that 91% of remote employees feel more productive? Learn more about how to provide employees with smart access from anywhere - join product manager Ameet Jani and developer advocate Yufeng Guo as they cover Cloud Identity and Cloud
DDoS Defense and Application Protection with Cloud Armor, GCP Security, and ML (Cloud Next '18)
Your Internet-facing services are exposed to a variety of threats from volumetric and protocol DDoS to sophisticated application attacks. In this session, you'll learn how to customize defense for your Google Cloud services based on your unique
A Year in GCP Networking (Cloud Next '18)
In this session, we will talk about the valuable advancements that have been made in GCP Networking over the last year. We will introduce you to the GCP Network team and will tell you about what you can do to extract the most value from your GCP
Security Demo: Identity Aware Proxy
Identity Aware Proxy enables you to configure secure controlled access to your applications so you can enforce "who can see what" access control at the application layer. You don't need client software, remote access VPNs, firewalls, network