This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Enabling IAP for a regional external load balancer

Posted on 05-27-2024 01:08 PM
ericmalen
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I am working on setting up the JIT Access application as IaC using KCC and Config Sync. I currently have this set up, which is completely functional:

JIT Architecture Diagram - Global.png

However, I am trying to make the switch from a global external application load balancer to a regional external application load balancer. My target infrastructure is the following:

JIT Architecture Diagram - Regional.png

When I make the switch to the regional LB, I get an IAP assertion error (Invalid IAP assertion (HTTP 403: error)) when I access the application. I've been told that IAP was not compatible with regional external application load balancers. Is this true?

If not, why would I be getting the IAP assertion error when I switch to the regional load balancer?

Thank you in advance!

**Edit

Wanted to add that I've done my own research on this and I'm not simply going on hearsay. I've found this documentation, and this one, that seem to confirm that IAP is not supported for regional LB's. But then there is this one that says they are compatible. Quite confusing!

4 3 922
Topic Labels
3 REPLIES 3
Top Labels in this Space
Top Solution Authors
View all