I am to setup some infrastructure for my company on google cloud. Admittedly I don’t have much experience with network and infrastructure.
I want to create some web apps to be deployed on VMs but I only want employees to be able to access the sites. What is the best practice to achieve this?
I could add login feature on the web apps but I’d rather keep the access control centralised instead. Can I setup a VPC that employees can logon to? Or is VPN the best solution here (although VPN is for connecting cloud with on-premise, right?)
I don't have a lot of expertise about GCE and network, but I saw some solution using Cloud IAP. Maybe this is better than create VPNs. Look this link, perhaps this could help you: https://cloud.google.com/iap/docs/tutorial-gce