Arrajj
Reputation: 187
How to expose IP of a VM to only authenticated users in GCP Project
The use case is the following:
- Private network for the GCP project
- VPN on the local computer that seems to be blocking SSH connections
- A VM that has a webapp to be accessed but we don't want to expose the IP to the public network
What are the best practices to keep it private and to access it eg. with OAuth authentication? What are the steps to make and to follow?
Appreciate your help with this.
Upvotes: 0
Views: 250
Answers (1)
John Hanley
Reputation: 81386
There are several methods in Google Cloud. The second method is the recommended method based upon the requirements in your question.
- If the users have defined public IP addresses, use Google Cloud VPC firewall rules to only allow access from approved IP addresses.
- Do not assign a static public IP address to the instance. Add an HTTP(S) Load Balancer and enable IAP. Add each user's identity to IAP for identity-based access control.
Additional methods suitable for developers:
- My favorite is to use WireGuard (VPN) and use peer-based access control.
Upvotes: 1
Related Questions
- Use a fixed public IP (to whitelist) on GCP Cloud Run / Function
- GCP Development Server - VM accessible to only one person
- Creating VMs without public IP in GCP
- Restrict access to Google Cloud VM to only Firebase server
- Restricting user access for VM in gcp
- Restrict access to GCP cloud source repository by the client machine IP
- How to give access to single Compute Instance on GCP?
- GCP: connection only between VM's (do not allow external IP's)
- How to restrict access to a small user community (IAM users) in GCP / Cloud DNS / HTTPS application
- Assign a public IP to a nested VM on GCP without using proxy or port forwarding