Identity-Aware Proxy

E697147

Google Cloud security service access control service reverse proxy

Identity-Aware Proxy is a Google Cloud security service that controls access to web applications and services by enforcing user identity and context-aware access policies.

Try in SPARQL Jump to: Statements Referenced by

Statements (51)

Predicate	Object
instanceOf	Google Cloud security service ⓘ access control service ⓘ reverse proxy ⓘ
alsoKnownAs	IAP NERFINISHED ⓘ
belongsTo	Google Cloud security portfolio NERFINISHED ⓘ
canBeConfiguredVia	Google Cloud Console NERFINISHED ⓘ REST API ⓘ gcloud command-line tool ⓘ
controlsAccessTo	web applications ⓘ web services ⓘ
designedFor	enterprise access control ⓘ
enforces	context-aware access policies ⓘ user identity-based access policies ⓘ
integratesWith	Cloud Identity NERFINISHED ⓘ Google Cloud IAM NERFINISHED ⓘ Google Workspace identities NERFINISHED ⓘ
logsTo	Cloud Logging NERFINISHED ⓘ
primaryGoal	secure access to applications based on identity and context ⓘ
protects	HTTP applications ⓘ HTTPS applications ⓘ administrative dashboards ⓘ internal web applications ⓘ
providedBy	Google Cloud NERFINISHED ⓘ
provides	per-request authentication ⓘ per-request authorization ⓘ zero-trust style access control ⓘ
requires	backend to trust Google-signed identity tokens ⓘ
supports	App Engine applications ⓘ Cloud Functions HTTP triggers NERFINISHED ⓘ Cloud Run services NERFINISHED ⓘ Compute Engine backends NERFINISHED ⓘ GKE backends ⓘ Google Cloud HTTP(S) Load Balancing NERFINISHED ⓘ
supportsAuthenticationMethod	Google account sign-in ⓘ IAP-Signed JWT NERFINISHED ⓘ service account authentication ⓘ signed headers ⓘ
supportsFeature	IAP-Signed JWT verification by backends ⓘ TCP forwarding via IAP TCP tunneling ⓘ access logging ⓘ access to internal web apps without VPN ⓘ audit logging ⓘ context-aware access based on IP address ⓘ context-aware access based on device posture ⓘ context-aware access based on geographic location ⓘ context-aware access based on group membership ⓘ context-aware access based on user identity ⓘ per-URL access control via IAM ⓘ signed headers for backend verification ⓘ
uses	OAuth 2.0 ⓘ OpenID Connect NERFINISHED ⓘ

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

Cloud Run → integratesWith → Identity-Aware Proxy ⓘ