Logging Into Google Cloud VMs Locally

· 2 min read · 261 Words · -Views -Comments

I recently explored Google IAP and played around with logging in to Google Cloud VMs, so I’m jotting down the steps here.

Sign Up

  1. GMail
  2. Add a payment method; without one you can’t create instances.
The initial free credits expire. Even if the balance still appears in the console, once expired it won't offset actual charges.

I tested with a Visa card and it worked fine.

Create an Instance

Taking VM instances as an example: billing is per second, but denominated in USD, so it adds up quickly. If you only need it temporarily, remember to delete it promptly.

https://static.1991421.cn/2024/2024-07-12-234514.jpeg

After creation you can edit the instance to disable the public IP, enable logging, and so on. Keep in mind that storing logs incurs additional charges.

Sign In

GCP offers several ways to connect, including multiple browser-based options such as Cloud Shell and the web SSH client.

With a Public IP

If the instance has a public IP, you can SSH directly.

Without a Public IP

You can log in via IAP, short for Identity-Aware Proxy.

  1. Open the IAP settings, grant SSH access to the relevant resources, and ensure the correct accounts and permissions are applied.

  2. Configure the instance firewall rules.

  3. Install the gcloud SDK locally.

    curl -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-linux-x86_64.tar.gz
    
    tar -xf google-cloud-cli-linux-x86_64.tar.gz
    
    ./google-cloud-sdk/install.sh
    
  4. Run gcloud init to set things up. You’ll be prompted to log into your Google account, then select the project, region, and other settings.

  5. After the configuration is complete, you can connect to the instance.

    gcloud compute ssh --zone "asia-east2-c" "test1" --tunnel-through-iap --project "adept-strand-311907"
    

Final Thoughts

That’s it—happy tunneling.

Authors
Developer, digital product enthusiast, tinkerer, sharer, open source lover