Hello All,
I’m looking at securing some websites hosted on Google Cloud ( Wordpress sites ) with IAP.
Looking at the documentation, the examples seem to use App Engine and not Compute Engine.
So my question is: for my use case ( website/Wordpress ) ; do I need to put the vm behind https load balancer for
IAP to work?
Many thanks, greetings, J.
Hello,
since there is no input on my question, I guess I will go with the documentation:
https://cloud.google.com/beyondcorp-enterprise/docs/securing-compute-engine
and I’m afraid that according to the docs a load balancer is indeed necessary.
Greetings, J.
Hi,
Yes. To be able to use IAP, you must configure LB. With AppEngine / Cloud Run is easier , both have LB by default.
cheers,
DamianS
Damian,
thank you, this info helps me a lot. I can’t help but thinking though, that in the demo they make it look so easy. Iap is just a few clicks. But if on Compute Engine https lb is necessary, it becomes a lot more complex.
Greetings, J.
Indeed,
however you can run wordpress at Cloud Run, then set up integration ( it will automatically set up DNS, LB etc), and at finish enable IAP.
cheers,
DamianS
Is it possible to integrate IAP with apigee proxy api ?.These reason i want is because i want only user that is authenticated in gcp should be able to hit a specific apigee proxy api and if he is not he should be rejected.do we have any way of doing this
Hi KamelOUALI you liked the comment ,do you mean it is possible ?.can you also list steps of achieving it ?.Thanks