gcloud alpha iap web enable

NAME
gcloud alpha iap web enable - enable Cloud Identity-Aware Proxy (Cloud IAP) on an IAP resource
SYNOPSIS
gcloud alpha iap web enable [--oauth2-client-id=OAUTH2_CLIENT_ID --oauth2-client-secret=OAUTH2_CLIENT_SECRET] [--resource-type=RESOURCE_TYPE : --region=REGION --service=SERVICE] [GCLOUD_WIDE_FLAG]
DESCRIPTION
(ALPHA) This command enables Cloud Identity-Aware Proxy on an IAP resource. OAuth 2.0 credentials must be set, or must have been previously set, to enable IAP.
EXAMPLES
To enable IAP on an App Engine application, run: 
gcloud alpha iap web enable --resource-type=app-engine --oauth2-client-id=CLIENT_ID --oauth2-client-secret=SECRET

To enable IAP on a backend service, run: 

gcloud alpha iap web enable --resource-type=backend-services --oauth2-client-id=CLIENT_ID --oauth2-client-secret=SECRET --service=SERVICE_ID
FLAGS
--oauth2-client-id=OAUTH2_CLIENT_ID
OAuth 2.0 client ID to use.
--oauth2-client-secret=OAUTH2_CLIENT_SECRET
OAuth 2.0 client secret to use.
--resource-type=RESOURCE_TYPE
Resource type of the IAP resource. RESOURCE_TYPE must be one of: app-engine, backend-services.
--region=REGION
Region name. Not applicable for app-engine. Optional when resource-type is compute.
--service=SERVICE
Service name. Required with --resource-type=backend-services.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES
This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available: 
gcloud iap web enable

gcloud beta iap web enable