I am trying to do a canary deployment in GKE. I need to enable IAP for all the deployments in this.
I can build the canary using both Istio and nginx-ingress for my usecase. But I cant figure how to enable IAP for the either of them. I provisioned a GLB (Global HTTP load balancer) and tried to add the ingresses as backends in both cases. That failed as I expected because health checks and things didnt work.
You need to have an HTTPS load balancer to be able to enable IAP. You can click on this link which provides step by step instructions on how to enable IAP within GKE. I would also highly suggest reading the section “Before you begin” as you will need the prerequisites mentioned to enable IAP.