IAP Desktop is a Windows application that provides zero-trust Remote Desktop and SSH access to Linux and Windows VMs on Google Cloud.
APACHE-2.0 License
Bot releases are hidden (Show)
Release 2.41 introduces the following new features:
RDP admin sessions: The connection settings for Windows VMs now include an additional setting, Session type. When you set this to Admin, IAP Desktop connects to the VM in administrative mode, similar to mstsc /admin
. (#1326)
Type clipboard text: In situations where you can't use copy/paste to copy text to a Remote Desktop session, you can now let IAP Desktop simulate keyboard input by using the Session > Type clipboard text command.
Instance properties: The Instance properties window now shows additional details, including VM metadata, CPU architecture, and labels.
In addition, the release includes several stability improvements and fixes, including:
Additional notes:
Published by jpassing 8 months ago
Release 2.40 introduces the following new features:
Faster RDP full-screen switching: Entering and leaving full-screen mode is now faster and, in most cases, no longer requires a reconnect. (#1005)
RDP in restricted admin mode: You can now connect to Windows VMs using RDP in restricted admin mode. You can enable restricted admin mode in the connection settings.
SSH password prompting: When you're using SSH with password authentication, you can now choose between saving credentials or letting IAP Desktop show a password prompt every time you connect. (#1227)
Tunneling: You can now use IAP Desktop to create IAP tunnels to MySQL/MariaDB, Postgres, SQL Server, and custom server applications. You can then use any tool to connect to that tunnel and the tunnel remains open until you close IAP Desktop. (#1192)
Session management: You can now close multiple sessions at once by using the Close all or Close others menu items in the session menu.
Project search: When you add a new project, you can now search for projects by any term, not just by prefix. (319229912)
x64: When you download IAP Desktop, you can now choose between x86 (32-bit) and x64 (64-bit). We recommend switching to the 64-bit version if you're frequently using more than ~8 RDP sessions in parallel to avoid resource exhaustion issues. (#1203)
In addition, the release includes several stability improvements and fixes, including:
Additional notes:
Published by jpassing 9 months ago
Release 2.39 introduces the following new features:
WebAuthn over RDP: IAP Desktop can now redirect local Windows Hello/FIDO2 authenticators over RDP so that you can use them in a Remote Desktop session.
Improved high-DPI screen support: The application now uses GDI scaling to reduce blur on high-DPI screens.
OS Login with workforce identity: As a workforce identity user, you can now use IAP Desktop to connect to Linux VMs that use OS Login. Note that to use OS Login with worforce identity, you might need to update your VM's guest environment. (#1158)
Password/keyboard-interactive SSH authentication: For VMs that don't support public key authentication, IAP Desktop can now use password or keyboard-interactive SSH authentication. To use password or keyboard-interactive SSH authentication, open the VM's connection settings and set Public key authentication to disabled. (#743)
Ephemeral SSH keys: You can now configure IAP Desktop to use a new, ephemeral SSH key every time you launch the application. Using ephemeral SSH keys lets you use IAP Desktop in scenarios where the Windows CNG key store has become corrupted or inaccessible or when you're logged in using a read-only Windows profile. (303075734, 275455836, 307194658, 308161113)
FIPS 140-2 compatibility: IAP Desktop now works on computers that have been configured to only allow FIPS-compliant cryptographic algorithms (311436717)
In addition, the release includes several stability improvements and fixes, including:
Additional notes:
Published by jpassing about 1 year ago
Release 2.38 introduces the following new features:
Workforce identity: IAP Desktop now supports workforce identity federation as an alternative way to sign in to IAP Desktop.
Easier reauthentication: When your session expires, IAP Desktop no longer requires you to grant consent for multiple OAuth scopes, making it quicker and easier to reauthenticate.
Private service connect: You can now let IAP Desktop connect to Google Cloud APIs through Private Service Connect (PSC). You can use PSC to connect from corporate networks that have Cloud VPN/Interconnect access to Google Cloud, but might otherwise have limited internet access. #1028.
SSH rsa-sha2-512 and rsa-sha2-256 authentication: When you configure IAP Desktop to use an RSA key for SSH public key authentication, the application now defaults to using rsa-sha2-512
or rsa-sha2-256
instead of the deprecated rsa-ssh
algorithm.
Port forwarding: You can now create custom tunnels by right-clicking a VM and selecting Connect client application > Forward local port. Port forwarding is an alternative to registering a custom client application and doesn't require any extra configuration. On multi-user systems such as RDS farms, IAP Desktop only allows applications from the same session to connect. #936
SQL Server Management Studio: When you connect to a VM using SSMS, Object Explorer now shows the name of the VM you're connected to. #1071.
Data sharing: To help us improve and prioritize features, you can now optionally allow IAP Desktop to collect and share usage data. Data sharing is disabled by default for all users.
VPC-SC: When accessing a VM failes because of a VPC service control policy, the error message now includes a troubleshooting ID and a link to the troubleshooting tool.
Updated group policy templates: You can now use Active Directorg group policies to manage Private Service Connect and and workforce identity federation settings across endpoints.
Secure Cloud Console: When you've enabled BeyondCorp certificate-based access, all links to the Cloud Console now use the secure Cloud Console (console-secure.cloud.google.com
).
Additional notes:
Published by jpassing over 1 year ago
You can now use IAP Desktop to launch database clients and other client applications and let them securely connect to Google Cloud VMs over IAP TCP forwarding.
To use the feature, right-click a VM in the Project Explorer window and select Connect client application. IAP Desktop then creates an IAP TCP forwarding tunnel, launches the application, and lets the application connect to Google Cloud through the tunnel.
You can use this feature with the following client applications:
SQL Server Management Studio (SSMS): You can launch SSMS and let it authenticate and connect to SQL Server using either Windows authentication or SQL Server authentication. You can use Windows authentication even if your workstation is not domain-joined or if it's joined to a different domain than your SQL Server instance.
MySQL Shell: You can launch the MySQL command-line client to connect to MySQL servers.
Chrome: You can launch Chrome to connect to management portals or other websites that are only available inside your VPC on port 80 or 8080.
Custom applications: You can extend the feature by registering your own applications.
Other new features include:
Multiple RDP sessions to same VM: You can now create multiple sessions to the same Windows VM by right-clicking a VM in the Project Explorer window and selecting Connect as user.
Enhanced Properties window The Properties Window now shows additional details about a VM's security settings
In addition, the release includes several stability improvements and fixes, including:
Additional notes:
Published by jpassing over 1 year ago
Release 2.36 introduces the following new features:
Connect via VPN/Interconnect: In situations where you can't use IAP TCP forwarding, you can now
configure IAP Desktop to directly connect to the private IP address of a VM. You can find the new setting in
the Connection Settings window and you can configure it for individual VMs, zones, or entire projects. (#870)
Tab coloring: IAP Desktop now uses different tab colors to help distinguish different types of sessions:
Session tooltips: Hovering over a tab now shows information about the session, including the user you
used to authenticate.
Automatic theme selection: IAP Desktop now automatically selects a theme (light/dark) based on your
Windows settings.
Credential callbacks: When launching IAP Desktop from a browser, you can now optionally provide a
credential callback URL that IAP Desktop can use to automatically obtain user credentials. (#872)
In addition, the release includes several stability improvements and fixes, including:
iap-rdp:///
URL didn't workAdditional notes:
Published by jpassing over 1 year ago
Release 2.35 introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
Additional notes:
Published by jpassing almost 2 years ago
Release 2.34 introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
Additional notes:
Published by jpassing almost 2 years ago
This is release 2.33 of IAP Desktop.
This release introduces the following new features:
SFTP file download: When you're connected to a Linux VM, you can now download files by selecting Session > Download files. You can then browse the remote file system and choose which files to download (#633).
To upload files, drag-and-drop them onto an SSH terminal window.
In addition, the release includes several stability improvements and fixes, including:
nano
didn't properly preserve line endings (253777656).Notice about upcoming breaking changes:
Published by jpassing about 2 years ago
This is release 2.32 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
ssh-rsa
(#790)Notice about upcoming breaking changes: Upcoming IAP Desktop releases are planned to implement the following breaking changes:
Published by jpassing about 2 years ago
This is release 2.31 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
Notice about upcoming breaking changes: Upcoming IAP Desktop releases are planned to implement the following breaking changes:
Note: Release 2.31.901 had an issue affecting the Tools > Options window. This updated releases fixes this issue.
Published by jpassing about 2 years ago
This is release 2.31 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
Notice about upcoming breaking changes: Upcoming IAP Desktop releases are planned to implement the following breaking changes:
Published by jpassing about 2 years ago
This is release 2.30 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
The functionality to analyze VM and sole-tenant usage has been removed from IAP Desktop and is now available as a separate tool, License Tracker.
Notice about upcoming breaking changes: Upcoming IAP Desktop releases are planned to implement the following breaking changes:
Published by jpassing over 2 years ago
This is release 2.29 of IAP Desktop.
This release introduces the following new features:
rsa-ssh
signatures in OpenSSH, new installations of IAP Desktop and new profiles now use ecdsa-sha2-nistp384
by default. For existing profiles, the default remains rsa-ssh
(with a 3072-bit key). You can change these default under Tools > Options > SSH.In addition, the release includes several stability improvements and fixes, including:
Notice about upcoming breaking changes: Upcoming IAP Desktop releases are planned to implement the following breaking changes:
Published by jpassing over 2 years ago
This is release 2.28 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
Note about planned breaking changes: Upcoming IAP Desktop releases are planned to implement the following breaking changes:
Published by jpassing over 2 years ago
This is release 2.27 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements and fixes, including:
This version of IAP Desktop no longer supports .NET 4.6.1 as this version has reached its end of support
Published by jpassing over 2 years ago
This is release 2.26 of IAP Desktop.
This release introduces the following new features:
Authorized SSH keys window: This new tool window lets you view:
The tool window also lets you delete individual keys.
Issue reporting: If you don't have a GitHub account, you can report issues and feedback on issuetracker.google.com.
Browser selection: The sign-in screen now lets you choose which browser to use for signing in.
In addition, the release includes several stability improvements.
Published by jpassing over 2 years ago
This is release 2.25 of IAP Desktop.
This release introduces the following new features:
In addition, the release includes several stability improvements.
Published by jpassing over 2 years ago
This is release 2.24 of IAP Desktop.
This release introduces the following new features:
Win+R
) should be handled locally or passed to the remote VM. (#607)In addition, the release includes several stability improvements.
Published by jpassing almost 3 years ago
This is release 2.23 of IAP Desktop.
This release introduces the following new features:
rsa-ssh
because of FIPS compliance or other reasons. You can choose the type of key to use in in Tools > Options > SSH. (#567)In addition, the release includes several stability improvements and fixes the following issues:
IndexOutOfBoundsException
error. (#576)