0

I am attempting to follow this tutorial. My end goal is to apply device-based access levels on Identity-Aware Proxy (IAP)-secured resources, specifically App Engine. However, as the documentation states:

In the New Access Level pane, in the Conditions section, click Add attribute and then click Device Policy.

I do not see any Device Policy attribute. See screen shot below...

I believe I have properly enabled Endpoint Verification here. In Google Admin via Devices -> Mobile and endpoints I can see device info being collected.

My Google Admin account to Google Workspace Enterprise Plus and we have Cloud Identity Premium for GCP.

Any ideas why I am unable to see the Device Policy attributes when creating a new Access Level???

enter image description here

Alex G
  • 1,179
  • 3
  • 15
Ryan Stack
  • 1,231
  • 1
  • 12
  • 25
  • I understood that you have to achieve this in the Google Workspace admin console (admin.google.com). – guillaume blaquiere Jan 22 '21 at 08:00
  • The Access Context Manager link send you to the GCP Console, however.. – Ryan Stack Jan 22 '21 at 13:34
  • 1
    Ok, so it looks like you are right in that this can be achieved via Google Workspace admin console (admin.google.com)... However, the tutorials are still linking to GCP Console where the UI features do not yet exist.. – Ryan Stack Jan 22 '21 at 13:54

1 Answers1

0

Application and VM protection with device attributes needs to purchase additional paid functions BeyondCorp Enterprise enter image description here

Marcin k
  • 11
  • 2
  • 1
    Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jul 11 '22 at 01:39