Protect web with Identity Aware Proxy

IAP how it works

source: https://cloud.google.com/iap/docs/concepts-overview#how_iap_works

IAP benefits

  • Control access to app on Google Cloud
  • Verify user identity and grant/deny access to app
  • Access control in a central place
  • Work from untrusted networks without the use of a VPN
  • Implement a zero-trust access model
  • Combine with Load Balancer and WAF (firewall) for added security

https://cloud.google.com/iap

Web app benefits

  • avoid managing user authentication and session management
  • receive information about the authenticated users, including the email address and a persistent identifier to the app in the form of new HTTP headers
  • lots of security out of the box

Web app architecture

Tutorials

  • auth(e) python with IAP = https://cloud.google.com/python/docs/getting-started/authenticate-users
  • IAP and App Engine = https://cloud.google.com/iap/docs/app-engine-quickstart

  • multiple dbs on django = https://docs.djangoproject.com/en/3.2/topics/db/multi-db/

Thanks

Protect web with Identity Aware Proxy

By Joaquin Rivera Padron

Made with Slides.com

Protect web with Identity Aware Proxy

Using IAP with web app to manage authentication and authorization to access

  • 496

More from Joaquin Rivera Padron