Today, as promised, I'll explore the intricacies of combining Cloud Run with IAP. However, rather than guiding you through the complete setup — which you can find well-documented at https://cloud.google.com/iap/docs/enabling-cloud-run I'll shift my focus towards a diagrammatic representation of the process. I'll pinpoint and elaborate on five particularly challenging aspects of this setup that arise primarily due to the inclusion of a Load Balancer, which adds a level of complexity not found in a traditional App Engine setup. To wrap up, I'll share my understanding of why incorporating a Load Balancer is crucial as opposed to adhering to the conventional App Engine setup. My hope is that this exploration will not only streamline your setup process but also arm you with the knowledge to build secure and powerful IAP-integrated applications on Cloud Run.
00:57 - Table of Contents
02:04 - The steps involved to enable IAP on Cloud Run
04:28 - Explaining it in a diagram
08:41 - Troubleshooting
09:11 - Coud Armor whitelisting
10:50 - Authorized redirect URIs
12:04 - Cloud Run Ingress rules
12:59 - Cloud Run Invoker grant to the Google SA
14:06 - Grant IAP Web App User role at project level
15:01 - Demo
16:56 - Why it needs an Load Balancer
20:54 - Summary
