by deepsun 3286 days ago
Or, if you use Google Apps (aka G Suite now), use Google Identity-Aware Proxy [1]

Basically, all it does is add a couple of headers, like user-id, to every single HTTP request. And as soon as you delete a user's account in your Google Apps console -- they will lose access to your corporate services.

Drawbacks are:

1. This requires cooperation from the services. E.g. you have Jenkins -- it needs to check those headers. I don't know if Jenkins has a plugin for that yet.

2. The service must run on GCP, so Google can proxy requests to it.

[1] https://cloud.google.com/iap/

1 comment

Correction: the accounts for the proxy are managed in GCP IAM, not in Google Apps.