Hello there! I am currently looking into ways of closing down our development environments and management tools (Grafana, ELK, etc). I took a look at IAP since we already use it for SSH traffic. However I would like to secure HTTP(S) traffic to our GKE clusters as well. After doing some digging I am still unsure if IAP will be a full replacement for a VPN.
Does anyone have experience with IAP as a full-blown VPN replacement? Would it still be possible to access API’s behind IAP? From my understanding I would be able to use OAuth tokens to achieve this, and similarly use OAuth for automated tests running against these environments.
Curious about your experiences.