Promote Identity-Aware Proxy. You can add any of these badges on your website.
That is not how you do Zero Trust. You want to use an Identity Aware Proxy. There are lots of ways you can implement this with Google as your core auth. For example Pomerium or oauth2-proxy. Source: 11 months ago
It's like this, which may be what you're referring to: https://cloud.google.com/iap. Source: over 1 year ago
If System A is operated by a user in realtime, I would lean toward using strong user or app identity (Firebase Authentication, Firebase App Check or Identity-Aware Proxy). But that would mean major modifications to System A, and you described it as a "closed system" so maybe that's not possible? Source: over 1 year ago
Put Identity-Aware Proxy in front of your application. It will block anyone who is not from the right domain or in your access control list. This option is useful if you only want to allow a list of users known ahead of time, like for a company-internal app. Source: over 1 year ago
You could use IAP but that would require that they sign in i.e. When they try to access the application, it would ask them to sign in and then it will reject any sign in which is not from the email of *@customerdomain.com. If you don't wish to use IAP, you can also include the entry 'login: always' in your app.yaml which then forces users to sign in and your code will check that the email address is from... Source: almost 2 years ago
If you want to only allow a defined list of users access your Cloud Run service, and those users will access it using their web browsers, Identity-Aware Proxy would be a better fit. It will display a log-in user interface if the user is not already authenticated. Source: almost 2 years ago
I’m not sure what you mean by that, but if you’re already using GKE Load Balancers, you are most of the way there. Check out IAP https://cloud.google.com/iap. Source: about 2 years ago
Do you know an article comparing Identity-Aware Proxy to other products?
Suggest a link to a post with product alternatives.
This is an informative page about Identity-Aware Proxy. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.