Cloud Identity-Aware Proxy (IAP) allows you to control access to your web applications running on Google Cloud. It ensures that only authenticated users who are part of a specified Google Group can access the application. Here’s how you can restrict access to in-progress sites using IAP:

Enable IAP: First, you need to enable Cloud IAP for your App Engine application. This will require configuring OAuth consent and setting up necessary permissions.

Create a Google Group: Create a Google Group that includes all the customers and company employees who should have access to the in-progress sites.

Configure Access: Configure IAP to allow access only to members of the created Google Group. This involves setting up the necessary IAP policies and ensuring that only authenticated users in the group can access the application.

By using IAP, you ensure that the access control is centrally managed and only authorized users can view the in-progress sites from any location.

References

Cloud Identity-Aware Proxy Documentation

Setting up IAP