I have some content in a GCS bucket:
$ gsutil ls gs://my-bucket
index.html
I'd like to serve this behind OAuth using Identity-Aware Proxy (IAP). I'm following these instructions.
I've created a load balancer and and "backend bucket" like so:
On the Identity-Aware Proxy page, however, I do not see my load balancer listed:
Is it possible to use IAP with a backend bucket?
This isn't supported at the moment. The policy is applied per backend, not for the load balancer as a whole (so for example, yoursite.com/admin can be more restricted than yoursite.com/public). However only backend services (ie GCE/GKE) are supported, but not backend buckets.
There is an open feature request for backend bucket IAP support.
I have added a couple of changes to gcs-proxy.
so basically you can put it in cloudrun behind GLB with Identity-Aware Proxy (IAP) and serve static sites from private GCS.
here is the fork https://github.com/mike-sirs/gcsproxy.
