IAP Desktop
IAP Desktop is a Remote Desktop and SSH client that lets you connect to your Google Cloud VM instances from anywhere.
For Windows 11/10/8.1. No admin rights required.Access Linux and Windows VMs from anywhere
IAP Desktop uses Identity-Aware-Proxy (IAP) to connect to VM instances so that you can:
- Connect to VM instances that donโt have a public IP address
- Connect from anywhere over the internet
Together, IAP Desktop and Identity-Aware-Proxy (IAP) let you apply zero-trust security to your VMs:
- Apply fine-grained access controls that define who can access which VM
- Use access levels to restrict access by time or location
- Use BeycondCorp Enterprise to limit access to trusted devices
The application automatically manages IAP TCP tunnels for you, and protects them so that no other users or programs can access them.
Connect to Windows VMs with Remote Desktop
IAP Desktop is a full-featured Remote Desktop client that lets you:
- Use multiple Remote Desktop sessions at the same time
- Switch between full-screen and tabbed Remote Desktop sessions
- Upload and download files over SFTP
To help you authenticate to Windows VMs, IAP Desktop can:
- Automatically generate Windows credentials by using the Compute Engine guest agent environment
- Encrypt and store your Windows credentials locally
Connect to Linux VMs with SSH
IAP Desktop includes an SSH client and terminal so that you can:
- Use multiple SSH sessions in parallel, and switch between them using tabs
- Upload and download files using SFTP
To help you authenticate to Linux VMs, IAP Desktop can:
- Automatically create and publish SSH keys to OS Login or metadata
- Use OS Login 2-factor authentication
- Store our SSH keys locally using Windows CNG
Manage VMs across projects
IAP Desktop gives you a consolidated view of your VMs and lets you:
- Connect to VMs across multiple projects and Google Cloud organizations
- View diagnostics information such as logs and serial port output
- Remotely join a VM to Active Directory
- Perform other common operations such as starting or stopping VMs
Connect to SQL Server and other services
You can use IAP Desktop to let client applications connect to your Google Cloud VMs through IAP: Right-click a VM, select the application to launch, and IAP Desktop automatically connects the application through an IAP TCP forwarding tunnel.
Supported client applications include:
- SQL Server Management Studio (supporting Windows authentication and SQL Server authentication)
- MySQL Shell
- Chrome (to connect to management portals and other internal websites)
- Custom applications
Learn more about IAP Desktop
Get started
- Install IAP Desktop
- Configure IAP in your project
- Connect to a Windows VM
- Connect to a Linux VM
- Connect to SQL Server
- Connect to VMs from within a web browser
Use the tool windows
Customize IAP Desktop
Administer IAP Desktop
IAP Desktop is an open-source project developed and maintained by the Google Cloud Solutions Architects team. The project is not an officially supported Google product.
All files in this repository are under the Apache License, Version 2.0 unless noted otherwise.