M'm trying to use this guide to protect my on-premise app with google identity aware proxy.
I have an on-premise web-app, which is simulated on a gcp VM that is accessible through {public_ip}/scada. What i need to achieve is to enable IAP to protect it.
As long as i have to deploy and configure the IAP connector i need to specify source and destination, as referred in the link and image.
What i don't get so far i what to put as source (entry point on the iap connector) and destination (here maybe need to buy a domain and link the public ip of the VM).
What can i do to configure the source? need to buy an other domain and reserver a static ip to use?
Thanks for helping.
Per the docs you referenced above:
That doc links to an additional help file which may be, well, helpful: https://cloud.google.com/iap/docs/cloud-iap-for-on-prem-apps-overview#routing_rules
It has an example that shows actual FQDNs rather than IP addresses. It sounds like you're thinking about this from a purely IP routing standpoint, rather than a business standpoint (e.g. "we want all traffic that's going to www.mydomain.com to just go to mydomain.com").