Cloud Identity-Aware Proxy
Use Identity to Sign Into Apps
Cloud Identity-Aware Proxy (Cloud IAP) controls access to your cloud applications running on Google Cloud Platform. Cloud IAP works by verifying a user’s identity and determining if that user should be allowed to access the application. Cloud IAP is a building block toward BeyondCorp, an enterprise security model that enables every employee to work from untrusted networks without the use of a VPN.
Simpler for Cloud Admins
Add secure web access to an application in less time than it takes to implement a VPN. Let your developers focus on their application logic, while Cloud IAP takes care of authentication and authorization. Only authenticated users are granted access to the application.
Simpler for Remote Workers
End-users point their web browser to an internet-accessible url to access Cloud IAP-secured applications. No VPN client is required.
Control Access by User Identity
Administrators create policies to specify which groups of identities are granted access to GCP-hosted applications.
Secure Access Administration
Configure a single layer of security to manage user access to cloud applications. Administrators can improve security with Security Key Enforcement to deter phishing.
CLOUD IDENTITY-AWARE PROXY FEATURES
Use identity to guard access for applications deployed on GCP.
Identity-based access control
Cloud IAP uses identity to protect access for applications deployed on GCP.
Saves admin time
Faster to deploy than a VPN. Once deployed, Cloud IAP provides a single point of control for managing user access to web applications.
Free of charge
There is no charge for identity-based access controls.
Saves end-user time
Faster to sign into than a VPN. No VPN client login.
Deploys in minutes
Let your developers focus on their application logic, while Cloud IAP takes care of authentication and authorization.