Configuring Identity-Aware Proxy with Google IAP When to Use - When protecting Google Cloud applications (App Engine, Cloud Run, GKE, Compute Engine) with identity-based access - When implementing context-aware access requiring device posture and location verification - When providing secure access to internal tools without VPN or public IP exposure - When needing per-request authentication and authorization for web applications and TCP services - When configuring programmatic access to IAP-protected resources using service accounts Do not use for non-HTTP applications that cannot be placed b…