Hi all. I've been working on setting up Prefect Server in GCP and wanted to see if anyone had successfully secured it under Identity Aware Proxy?
I've set it up on a VM and have created a load balancer that directs traffic from my domain to the port 8080 on the VM to access the UI. Initially, when connecting graphql (4200) to the UI, I tried to just set it to the VM IP address:4200, but that was denied because it is HTTP and the domain is https so chrome throws an error saying it's not secure.
To fix that error, I then made a second backend service on the Load Balancer pointing to port 4200 and created a subdomain for that port. I set the subdomain as my Prefect Server Graphql endpoint in the UI and that resolved the first issue.
However, the issue with this is that as soon as I turn on Identity Aware Proxy for both the UI and Graphql backend service, I get a CORS error.
Access to manifest at '<https://accounts.google.com/o/oauth2/v2/auth?…>' (redirected from '<http://maindomain.com|maindomain.com>') from origin '<http://maindomain.com|maindomain.com>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Does anyone have any experience with this or anything similar?