Agents require secure, governed access to a vast array of tools and services. In Gemini Enterprise Agent Platform, security administrators can govern inline, agent-to-anywhere access by using Agent Gateway.
You can grant Identity and Access Management (IAM) privileges to source agents, which are agents that access Agent Gateway. You grant access by binding IAM allow and deny policies on Agent Registry service instances. Agent Gateway services include MCP servers, destination agents, and endpoints. When granting IAM roles to agents, Agent Registry services are also known as resources.
Agent Gateway uses Identity-Aware Proxy (IAP) to enforce IAM allow and deny policies.
To learn more about how IAP uses IAM for policy enforcement in Gemini Enterprise Agent Platform, see Policies overview in the Agent Platform documentation.
What's next
- Read about Agent Gateway and IAP in Gemini Enterprise Agent Platform.
- Understand how IAP enforces policies in Gemini Enterprise Agent Platform.
- Manage an IAP policy in Gemini Enterprise Agent Platform.