Identity-Aware Proxy
E697147
Identity-Aware Proxy is a Google Cloud security service that controls access to web applications and services by enforcing user identity and context-aware access policies.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Identity-Aware Proxy canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T7932132 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Identity-Aware Proxy Context triple: [Cloud Run, integratesWith, Identity-Aware Proxy]
-
A.
Cloud IAM
Cloud IAM is Google Cloud’s identity and access management service that lets administrators define and enforce who can access specific cloud resources and what actions they can perform.
-
B.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
-
C.
Privileged Identity Management
Privileged Identity Management is a Microsoft security service that provides just-in-time, approval-based, and time-limited access to sensitive roles and resources to reduce the risks associated with standing administrative privileges.
-
D.
Oracle Cloud Infrastructure Identity and Access Management
Oracle Cloud Infrastructure Identity and Access Management is a cloud-native service that centrally controls user identities, access policies, and permissions across Oracle Cloud resources and services.
-
E.
Okta
Okta is a cloud-based identity and access management platform that provides secure single sign-on, authentication, and user management for applications and services.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Identity-Aware Proxy Target entity description: Identity-Aware Proxy is a Google Cloud security service that controls access to web applications and services by enforcing user identity and context-aware access policies.
-
A.
Cloud IAM
Cloud IAM is Google Cloud’s identity and access management service that lets administrators define and enforce who can access specific cloud resources and what actions they can perform.
-
B.
Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
-
C.
Privileged Identity Management
Privileged Identity Management is a Microsoft security service that provides just-in-time, approval-based, and time-limited access to sensitive roles and resources to reduce the risks associated with standing administrative privileges.
-
D.
Oracle Cloud Infrastructure Identity and Access Management
Oracle Cloud Infrastructure Identity and Access Management is a cloud-native service that centrally controls user identities, access policies, and permissions across Oracle Cloud resources and services.
-
E.
Okta
Okta is a cloud-based identity and access management platform that provides secure single sign-on, authentication, and user management for applications and services.
- F. None of above. chosen
Statements (51)
| Predicate | Object |
|---|---|
| instanceOf |
Google Cloud security service
ⓘ
access control service ⓘ reverse proxy ⓘ |
| alsoKnownAs | IAP NERFINISHED ⓘ |
| belongsTo | Google Cloud security portfolio NERFINISHED ⓘ |
| canBeConfiguredVia |
Google Cloud Console
NERFINISHED
ⓘ
REST API ⓘ gcloud command-line tool ⓘ |
| controlsAccessTo |
web applications
ⓘ
web services ⓘ |
| designedFor | enterprise access control ⓘ |
| enforces |
context-aware access policies
ⓘ
user identity-based access policies ⓘ |
| integratesWith |
Cloud Identity
NERFINISHED
ⓘ
Google Cloud IAM NERFINISHED ⓘ Google Workspace identities NERFINISHED ⓘ |
| logsTo | Cloud Logging NERFINISHED ⓘ |
| primaryGoal | secure access to applications based on identity and context ⓘ |
| protects |
HTTP applications
ⓘ
HTTPS applications ⓘ administrative dashboards ⓘ internal web applications ⓘ |
| providedBy | Google Cloud NERFINISHED ⓘ |
| provides |
per-request authentication
ⓘ
per-request authorization ⓘ zero-trust style access control ⓘ |
| requires | backend to trust Google-signed identity tokens ⓘ |
| supports |
App Engine applications
ⓘ
Cloud Functions HTTP triggers NERFINISHED ⓘ Cloud Run services NERFINISHED ⓘ Compute Engine backends NERFINISHED ⓘ GKE backends ⓘ Google Cloud HTTP(S) Load Balancing NERFINISHED ⓘ |
| supportsAuthenticationMethod |
Google account sign-in
ⓘ
IAP-Signed JWT NERFINISHED ⓘ service account authentication ⓘ signed headers ⓘ |
| supportsFeature |
IAP-Signed JWT verification by backends
ⓘ
TCP forwarding via IAP TCP tunneling ⓘ access logging ⓘ access to internal web apps without VPN ⓘ audit logging ⓘ context-aware access based on IP address ⓘ context-aware access based on device posture ⓘ context-aware access based on geographic location ⓘ context-aware access based on group membership ⓘ context-aware access based on user identity ⓘ per-URL access control via IAM ⓘ signed headers for backend verification ⓘ |
| uses |
OAuth 2.0
ⓘ
OpenID Connect NERFINISHED ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Identity-Aware Proxy Description of subject: Identity-Aware Proxy is a Google Cloud security service that controls access to web applications and services by enforcing user identity and context-aware access policies.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.