IAP Desktop
IAP Desktop is an open-source Remote Desktop and SSH client that lets you connect to your Google Cloud VM instances from anywhere.
x64 (64-bit) | x86 (32-bit) | arm64 (64-bit). For Windows 10 and 11. No admin rights required.
Access Linux and Windows VMs from anywhere
IAP Desktop uses Identity-Aware-Proxy (IAP) to connect to VM instances so that you can:
- Connect to VM instances that don’t have a public IP address
- Connect from anywhere over the internet
Together, IAP Desktop and IAP let you apply zero-trust security to your VMs:
- Apply fine-grained access controls that define who can access which VM
- Use access levels to restrict access by time or location
- Use BeycondCorp Enterprise to limit access to trusted devices
The application automatically manages IAP TCP tunnels for you, and protects them so that no other users or programs can access them.
Connect to Windows VMs with Remote Desktop
IAP Desktop is a full-featured Remote Desktop client that lets you:
- Use multiple Remote Desktop sessions at the same time
- Switch between full-screen and tabbed Remote Desktop sessions
- Upload and download files over SFTP
To help you authenticate to Windows VMs, IAP Desktop can:
- Automatically generate Windows credentials by using the Compute Engine guest agent environment
- Encrypt and store your Windows credentials locally
Connect to Linux VMs with SSH
IAP Desktop includes an SSH client and terminal so that you can:
- Use multiple SSH sessions in parallel, and switch between them using tabs
- Upload and download files using SFTP
To help you authenticate to Linux VMs, IAP Desktop can:
- Automatically create and publish SSH keys to OS Login or metadata
- Use OS Login 2-factor authentication
- Store our SSH keys locally using Windows CNG
Manage VMs across projects
IAP Desktop gives you a consolidated view of your VMs and lets you:
- Connect to VMs across multiple projects and Google Cloud organizations
- View diagnostics information such as audit events and serial port output.
- Remotely join a VM to Active Directory
- Perform other common operations such as starting or stopping VMs
Connect to SQL Server and other server applications
You can use IAP Desktop to let client applications connect to your Google Cloud VMs through IAP: Right-click a VM, select the application to launch, and IAP Desktop automatically connects the application through an IAP TCP forwarding tunnel.
Supported client applications include:
- SQL Server Management Studio (supporting Windows authentication and SQL Server authentication)
- MySQL Shell
- Chrome (to connect to management portals and other internal websites)
- Custom applications
Instead of letting IAP Desktop launch a client application for you, you can use port forwarding and connect the application to the forwarded port yourself.