Log in to a GCP VM Instance without a Public IP using Identity-Aware Proxy (IAP)
Introduction
This article explains how to use Identity-Aware Proxy (IAP) to log in to a GCE instance that has no public/external IP. IAP TCP forwarding enables administrative access to VM instances that do not have external IP addresses or do not permit direct access over the internet. In this article, I will first reproduce the issue and then guide you through the solution.
Prerequisites
- Editor/Owner access to GCP project
Resource Creation
1. Create a custom VPC, e.g. “dev-vpc”, with a subnet in the desired region.
2. Create a GCE instance on the custom VPC network and set the external IP to “None” while creating the instance.
3. Assign a network tag, e.g. “iap-demo”, while creating the instance.
4. The instance is now created and in the running state; however, the SSH button is disabled.