I've been using a compute-engine to host a website on gcloud. I just can't figure out how to make access to the project private, with a whitelist for pre-approved emails.
Asked
Active
Viewed 245 times
2 Answers
0
Editing the answer based on comment.
You can use IAP ( Identity Aware Proxy) to control who can or cannot access your public website 1. Enabling IAP for GCP VM instance
Krish
- 120
- 3
-
Hi, so essentially the website is currently viewable to the public. I've got a generic VM made with a wordpress website, and I'd like to restrict access so that only people who have a role that i've created for their email can access it – Moudy Hasan Jun 14 '21 at 10:35
-
Edited the answer based on your comment – Krish Jun 14 '21 at 12:23
-
@MoudyHasan WordPress supports user authentication. Require uses to login. There are numerous plugins enhancing authentication: https://auth0.com/wordpress – John Hanley Jun 14 '21 at 12:45
0
Developing the above answer:
The Identity-Aware Proxy will allow you to Use identity and context to guard access to your applications and VMs.
Your use case would be setting up IAP for Compute Engine, which has a few requirements, like having a HTTPS load balancer .
If you just want to allow specific users to access your website there are some alternatives:
Install a plugin to restrict access, for example this one.
Restrict GCP Instance's traffic access through Firewall rules. This is not recommended because you will need fixed IP addresses for the users, or they should use a VPN to always connect from same fixed IP address.
You could whitelist IP's from the web server side program, for example for Apache whitelist or Nginx whitelist
By doing this the website will still be publicly available but only allowed users could access the website and modify it or access private content of the website.
Pit
- 184
- 11