User Authentication: Identity-Aware-Proxy

Write and deploy a simple App Engine app using Python

git clone https://github.com/googlecodelabs/user-authentication-with-iap.git

cd user-authentication-with-iap
cd 1-HelloWorld

gcloud app deploy

(Output)
Please enter your numeric choice:  2 

Creating App Engine application in project [qwiklabs-gcp-02-c8004de5b58e] and region [asia-northeast1]....done.
Services to deploy:

descriptor:      [/home/student_02_86e97cfc3a04/user-authentication-with-iap/1-HelloWorld/app.yaml]
source:          [/home/student_02_86e97cfc3a04/user-authentication-with-iap/1-HelloWorld]
target project:  [qwiklabs-gcp-02-c8004de5b58e]
target service:  [default]
target version:  [20210513t082853]
target url:      [https://qwiklabs-gcp-02-c8004de5b58e.an.r.appspot.com]


Do you want to continue (Y/n)?  y

Beginning deployment of service [default]...
Created .gcloudignore file. See `gcloud topic gcloudignore` for details.
╔════════════════════════════════════════════════════════════╗
╠═ Uploading 6 files to Google Cloud Storage                ═╣
╚════════════════════════════════════════════════════════════╝
File upload done.
ERROR: (gcloud.app.deploy) NOT_FOUND: Unable to retrieve P4SA: [service-942148416139@gcp-gae-service.iam.gserviceaccount.com] from GAIA. Could be GAIA propagation delay or request from deleted apps.
student_02_86e97cfc3a04@cloudshell:~/user-authentication-with-iap/1-HelloWorld (qwiklabs-gcp-02-c8004de5b58e)$

(It didn't work, so I ran it again)

student_02_86e97cfc3a04@cloudshell:~/user-authentication-with-iap/1-HelloWorld (qwiklabs-gcp-02-c8004de5b58e)$ gcloud app deploy
Services to deploy:

descriptor:      [/home/student_02_86e97cfc3a04/user-authentication-with-iap/1-HelloWorld/app.yaml]
source:          [/home/student_02_86e97cfc3a04/user-authentication-with-iap/1-HelloWorld]
target project:  [qwiklabs-gcp-02-c8004de5b58e]
target service:  [default]
target version:  [20210513t083521]
target url:      [https://qwiklabs-gcp-02-c8004de5b58e.an.r.appspot.com]


Do you want to continue (Y/n)?  y

Beginning deployment of service [default]...
╔════════════════════════════════════════════════════════════╗
╠═ Uploading 0 files to Google Cloud Storage                ═╣
╚════════════════════════════════════════════════════════════╝
File upload done.
Updating service [default]...done.
Setting traffic split for service [default]...done.
Deployed service [default] to [https://qwiklabs-gcp-02-c8004de5b58e.an.r.appspot.com]

You can stream logs from the command line by running:
  $ gcloud app logs tail -s default

To view your application in the web browser run:
  $ gcloud app browse
student_02_86e97cfc3a04@cloudshell:~/user-authentication-with-iap/1-HelloWorld (qwiklabs-gcp-02-c8004de5b58e)$

Check the deployed app

gcloud app browse

(Output)
Did not detect your browser. Go to this link to view your app:
https://qwiklabs-gcp-02-c8004de5b58e.an.r.appspot.com
student_02_86e97cfc3a04@cloudshell:~/user-authentication-with-iap/1-HelloWorld (qwiklabs-gcp-02-c8004de5b58e)$

(Again, after the deployment succeeded)
Did not detect your browser. Go to this link to view your app:
https://qwiklabs-gcp-02-c8004de5b58e.an.r.appspot.com
student_02_86e97cfc3a04@cloudshell:~/user-authentication-with-iap/1-HelloWorld (qwiklabs-gcp-02-c8004de5b58e)$

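It looks like it isn't working, but the deployed page is displayed.

How to enable and disable IAP to restrict access to the app

How to get user identity information from IAP into the app

How to cryptographically verify the information from IAP to protect against spoofing

Deploy the application and protect it with IAP

Access user identity information

Use cryptographic verification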