NAME gcloud iap web enable - enable Cloud Identity-Aware Proxy (Cloud IAP) on an IAP resource SYNOPSIS gcloud iap web enable [--oauth2-client-id=OAUTH2_CLIENT_ID --oauth2-client-secret=OAUTH2_CLIENT_SECRET] [--resource-type=RESOURCE_TYPE : --region=REGION --service=SERVICE] [GCLOUD_WIDE_FLAG ...] DESCRIPTION This command enables Cloud Identity-Aware Proxy on an IAP resource. OAuth 2.0 credentials must be set, or must have been previously set, to enable IAP. EXAMPLES To enable IAP on an App Engine application, run: $ gcloud iap web enable --resource-type=app-engine \ --oauth2-client-id=CLIENT_ID --oauth2-client-secret=SECRET To enable IAP on a global backend service, run: $ gcloud iap web enable --resource-type=backend-services \ --oauth2-client-id=CLIENT_ID --oauth2-client-secret=SECRET \ --service=SERVICE_ID To enable IAP on a region backend service, run: $ gcloud iap web enable --resource-type=backend-services \ --oauth2-client-id=CLIENT_ID --oauth2-client-secret=SECRET \ --service=SERVICE_ID --region=REGION FLAGS --oauth2-client-id=OAUTH2_CLIENT_ID OAuth 2.0 client ID to use. --oauth2-client-secret=OAUTH2_CLIENT_SECRET OAuth 2.0 client secret to use. --resource-type=RESOURCE_TYPE Resource type of the IAP resource. RESOURCE_TYPE must be one of: app-engine, backend-services. --region=REGION Region name. Not applicable for app-engine. Optional when resource-type is compute. --service=SERVICE Service name. Required with --resource-type=backend-services. GCLOUD WIDE FLAGS These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details. NOTES These variants are also available: $ gcloud alpha iap web enable $ gcloud beta iap web enable