Google Identity-Aware Proxy Client

This page shows how to write Terraform for Identity-Aware Proxy Client and write them securely.

google_iap_client (Terraform)

The Client in Identity-Aware Proxy can be configured in Terraform with the resource name google_iap_client. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub
resource "google_iap_client" "project_client" {
  display_name = var.display_name
  brand        = var.brand
resource "google_iap_client" "this" {
  display_name = "FetchPrebuiltUE4"
  brand        =
resource "google_iap_client" "appengine" {
  display_name = "IAP-App-Engine-app"
  brand        =

resource "google_iap_web_type_app_engine_iam_member" "member" {
resource "google_iap_client" "project_client" {
  display_name = var.brand.application_title
  brand        =

data "google_compute_ssl_certificate" "my_cert" {
resource "google_iap_client" "project_client" {
  display_name =  var.client_display_name
  brand        =

Review your Terraform file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).


Identifier of the brand to which this client is attached to. The format is 'projects/[project_number]/brands/[brand_id]/identityAwareProxyClients/[client_id]'.

Output only. Unique identifier of the OAuth client.

Human-friendly name given to the OAuth client.

  • id optional computed - string
  • secret optional computed - string

Output only. Client secret of the OAuth client.

Explanation in Terraform Registry

Contains the data that describes an Identity Aware Proxy owned client.

Note: Only internal org clients can be created via declarative tools. External clients must be manually created via the GCP console. This restriction is due to the existing APIs and not lack of support in this tool. To get more information about Client, see:

Frequently asked questions

What is Google Identity-Aware Proxy Client?

Google Identity-Aware Proxy Client is a resource for Identity-Aware Proxy of Google Cloud Platform. Settings can be wrote in Terraform.

Where can I find the example code for the Google Identity-Aware Proxy Client?

For Terraform, the clementous92/ops-terraform-modules-resources2, falldamagestudio/UE4-GHA-BuildServices and lukwam/banksy source code examples are useful. See the Terraform Example section for further details.


Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.