Enabling IAP for GKE | Identity-Aware Proxy | Google Cloud
This page explains how to secure a Google Kubernetes Engine (GKE) instance with Identity-Aware Proxy (IAP). IAP is integrated through Ingress for GKE. This integration enables you to control resource-level access for employees instead of using a VPN. In a GKE cluster, incoming traffic is handled by HTTP(S) Load Balancing, a component of Cloud Load Balancing.
https://cloud.google.com/iap/docs/enabling-kubernetes-howto