Is it possible to run GitLab as https/ssh through OS-Login IAP tunnels?

Using TCP forwarding makes the DNS protocol useless since it uses UDP (not TCP).

Also, as John Hanley mentioned, this will break all SSL certificates.

Note: I have not tested this with GitLab and this will break items such as SSL certificates. I think the better approach is to have a public IP address and then configure VPC Firewall Rules to only allow your IP addresses to access the server OR set up a VPN such as OpenVPN or WireGuard.

Additionally keep in mind the limitations when using TCP Forwarding:

Bandwidth: IAP's TCP forwarding feature isn't intended for bulk transfer of data. IAP reserves the right to rate-limit users abusing this service.

Connection length: IAP automatically disconnects sessions after 1 hour of inactivity. We recommend having logic in your applications to handle reestablishing a tunnel when it becomes disconnected.

The latter shouldn't be an issue since I don't think anyone would keep the tunnel inactive for so long while working.

I'd take John's advice about using a VPN instead of TCP forwarding into consideration. This will allow you to run any software protocol without issues and bandwidth rate limiting.

You can also restrict access to the VM using GCP Firewall rules.
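The "logic to handle reestablishing a tunnel" that the quoted limitation recommends can be a small supervisor around `gcloud compute start-iap-tunnel`. This is an added example, not part of the answer above; the instance name, zone, ports and the function names `iap_tunnel` and `keep_tunnel` are assumptions.

```shell
#!/bin/sh
# Added example, not from the answer above: restart an IAP TCP-forwarding
# tunnel whenever it exits. Instance, zone and ports are placeholders.
INSTANCE="${INSTANCE:-gitlab-vm}"     # hypothetical VM name
ZONE="${ZONE:-us-central1-a}"         # hypothetical zone
REMOTE_PORT="${REMOTE_PORT:-443}"     # port served inside the VM (assumed HTTPS)
LOCAL_PORT="${LOCAL_PORT:-8443}"      # local end of the tunnel
MIN_UPTIME="${MIN_UPTIME:-60}"        # a run this long counts as "tunnel was up"
MAX_DELAY="${MAX_DELAY:-60}"          # cap on the backoff between restarts

# One tunnel session; blocks until the session is closed.
iap_tunnel() {
    gcloud compute start-iap-tunnel "$INSTANCE" "$REMOTE_PORT" \
        --local-host-port="localhost:$LOCAL_PORT" --zone="$ZONE"
}

# keep_tunnel MAX_FAILS BASE_DELAY CMD [ARGS...]
# Re-runs CMD each time it exits. A run that lasted at least MIN_UPTIME seconds
# is treated as a tunnel that worked and then dropped (for example the idle
# timeout): counters reset and it restarts after BASE_DELAY. Shorter runs count
# as failures with doubling backoff; after MAX_FAILS in a row it returns 1, so
# a removed IAM binding or firewall rule is not retried forever.
keep_tunnel() {
    kt_max=$1; kt_base=$2; shift 2
    kt_fails=0; kt_delay=$kt_base
    while :; do
        kt_start=$(date +%s)
        kt_rc=0; "$@" || kt_rc=$?
        kt_up=$(( $(date +%s) - kt_start ))
        if [ "$kt_up" -ge "$MIN_UPTIME" ]; then
            kt_fails=0; kt_delay=$kt_base
        else
            kt_fails=$((kt_fails + 1))
            if [ "$kt_fails" -ge "$kt_max" ]; then
                echo "tunnel failed $kt_fails times in a row (rc=$kt_rc), giving up" >&2
                return 1
            fi
        fi
        echo "tunnel exited rc=$kt_rc after ${kt_up}s, restarting in ${kt_delay}s" >&2
        sleep "$kt_delay"
        if [ "$kt_up" -lt "$MIN_UPTIME" ]; then
            kt_delay=$((kt_delay * 2))
            if [ "$kt_delay" -gt "$MAX_DELAY" ]; then kt_delay=$MAX_DELAY; fi
        fi
    done
}

# Usage: keep_tunnel 5 2 iap_tunnel
```

Giving up after repeated immediate failures keeps a client from hammering IAP when access has been revoked, which also makes the failure visible instead of hiding it behind endless retries.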