Using IAP Desktop to create the tunnel for VSCode Remote development

[KingBain]

Has anyone been able to successfully create this configuration?

Using IAP Desktop to create the tunnel for VSCode Remote development.

Ideal situation is use IAP Desktop handle auth and tunnel creation to VM via SSH

Use VSCode plus remote development extension to connect via tunnel to SSH session.

[jpassing]

What should work is the following:

1. In IAP Desktop, right-click the target VM and selecting Connect client application > Forward local port.
2. In the Forward local port dialog, enter port number 22 and click OK.
   After a few seconds, you see a notification containing the local port number of the tunnel.

This gives you a tunnel through which you can use SSH. But for VS Code to work, you also need an SSH key.

If you request IAP Desktop to create a tunnel, it doesn't create/publish an SSH key -- and even if it did, VS Code wouldn't be able to access the private key because IAP Desktop stores the private key in the Windows CNG key store while VS Code/OpenSSH expects it as a file on disk.

So you need to create and publish the key yourself (manually or by using gcloud) and save the key in the default .ssh folder where VS Code can find it. Once the key is in place, you should be able to create an SSH connection to localhost:<port-number-of-tunnel> from within VS Code.

I agree that it's all not particularly convenient.