Documentação do Identity-Aware Proxy
O Identity-Aware Proxy (IAP) permite que você gerencie o acesso a aplicativos em execução no ambiente padrão e no ambiente flexível do App Engine, no Compute Engine e no GKE. O IAP estabelece uma camada de autorização central para aplicativos acessados pelo HTTPS, para que seja possível adotar um modelo de controle de acesso no nível do aplicativo em vez de usar firewalls no nível da rede. Ao ativar o IAP, também é necessário usar cabeçalhos assinados para proteger seu app.
Comece seu próximo projeto com US$ 300 em créditos sem custos financeiros
Crie e teste uma prova de conceito com os créditos de teste e o uso mensal sem custos financeiros de mais de 20 produtos.
Recursos de documentação
Guias
-
Guia de início rápido: autenticar usuários com Contas do Google
-
Como usar o IAP para encaminhamento de TCP
-
Autenticação programática
-
Visão geral do Identity-Aware Proxy
-
Como configurar um balanceador de carga HTTPS externo
-
Como ativar o IAP para o GKE
-
Como gerenciar o acesso a recursos protegidos pelo IAP
-
Como proteger o app com cabeçalhos assinados
-
Como ativar o IAP para apps locais
-
Recursos relacionados
Vídeos relacionados
Cloud Run user auth for internal apps
Enabling IAP for Cloud Run → https://goo.gle/43O59zz GitHub → https://goo.gle/3Ch8gUK In this video, Martin demonstrates how to host an application on Cloud Run using Google's Identity-Aware Proxy and ensure only a list of approved users can access
Top 3 pain points for serverless developers
This is the 100th episode of Serverless Expeditions! To celebrate, Martin and Wes discuss 3 top obstacles for serverless developers and how to overcome them. Watch along to learn how an old circuit board and imaginary maps can help you think
Designing a serverless finance system on Google Cloud
Identity Aware Proxy → https://goo.gle/3DqLybV App Engine → https://goo.gle/3co26FC Cloud SQL → https://goo.gle/3codnWw It’s time to design another serverless app! Let’s say you need a process for your employees and vendors to submit expenses so the
Centralize access to your organization’s websites with Identity Aware Proxy (IAP)
Controlling access to websites and apps → http://goo.gle/2LVC0jD Control access to your web sites with Identity-Aware Proxy → http://goo.gle/3o5x5cN Most large organizations have multiple web systems, from public websites to internal tools used by
Getting started with BeyondCorp: A deeper look into IAP
An increasing number of Fortune 500 companies have adopted Google Cloud’s Zero Trust solution to protect access to applications across multiple clouds and on-premises data centers. Learn why your company may need to adopt a new security model (known
Top 3 data risks in Cloud Security
Welcome to the second episode of Cloud Security Basics, where Carter Morgan speaks to the second Cloud Security risk: data. Specifically, he talks how you can prevent problems with the data you store. He also talks about the various Google Cloud
Top 3 access risks in Cloud Security
Welcome to the second episode of Cloud Security Basics, where Carter Morgan goes over the different ways that an entity can gain access to your systems. In this episode, he talks about the common strategies that are used to gain access like:
Securing App Engine apps with IAP
Learn how to secure an App Engine app with Identity-Aware Proxy, so that only the right people, and the right devices, are able to use your app. Identity-Aware Proxy quickstart → https://goo.gle/2lDGaiS Cloud Identity-Aware Proxy overview →
How Airbnb Secured Access to Their Cloud With Context-Aware Access (Cloud Next '19)
Learn how Airbnb uses context-aware access to protect applications running on-premises and in other clouds. Envisioned in 2011, the BeyondCorp security model leverages identity and context to evaluate trust for access decisions rather than using the
IAP Setup and Admin best practices
In this episode of BeyondCorp in a bottle,, Max Saltonstall walks us through setting up Cloud Identity-Aware Proxy and admin best practices. Check out this blog post here for more details → http://bit.ly/2HhpO83 BeyondCorp Enterprise Security →
How to get IAP Up and Running
In this episode of BeyondCorp in a Bottle, we tackle a common issue where as your company continues to grow, so do the applications and services that you provide. Managing these resources that interact with each other across disparate networks can
What is BeyondCorp? What is IAP
BeyondCorp is Google’s new zero trust security approach on granting employees remote access without the traditional VPN. In this episode, Max will provide further explanation on BeyondCorp’s model as well as how you can get started. BeyondCorp
Giving Employees Smart Access from Anywhere
Did you know that 91% of remote employees feel more productive? Learn more about how to provide employees with smart access from anywhere - join product manager Ameet Jani and developer advocate Yufeng Guo as they cover Cloud Identity and Cloud
DDoS Defense and Application Protection with Cloud Armor, GCP Security, and ML (Cloud Next '18)
Your Internet-facing services are exposed to a variety of threats from volumetric and protocol DDoS to sophisticated application attacks. In this session, you'll learn how to customize defense for your Google Cloud services based on your unique
A Year in GCP Networking (Cloud Next '18)
In this session, we will talk about the valuable advancements that have been made in GCP Networking over the last year. We will introduce you to the GCP Network team and will tell you about what you can do to extract the most value from your GCP
Security Demo: Identity Aware Proxy
Identity Aware Proxy enables you to configure secure controlled access to your applications so you can enforce "who can see what" access control at the application layer. You don't need client software, remote access VPNs, firewalls, network