In the last post, we discussed that each request that Cloud IAP passes to a backend appliation contains a X-Goog-Iap-Jwt-Assertion header. This header contains an IAP JWT assertion that looks a bit like an IdToken, but is not an IdToken.
Continue »
Conceptually, you can think of Cloud IAP as a reverse proxy that is deployed in front of your corporate application that intercepts all requests to perform authentication and authorization.
Continue »
At Google Cloud, we run a series of Cloud Summits each year. A Cloud Summit is essentially
a mini-version of Cloud NEXT – it lasts one day, features multiple tracks of technical sessions,
and is usually held in a location where there is plenty of space for booths where customers
can ask questions.
One question that we frequently get at the Ask an Architect or Ask the Expert booth
is about Cloud Identity-Aware Proxy - what is it for, how does it work, and how to use it?
In this series of blog posts, I am going to address these questions, one at a time:
Part 1: What is it for? – The role of Cloud IAP in zero-trust (this post)