Enable Identity-Aware Proxy (IAP) for all microservices. Develop a new microservice that checks the authentication requirements for each application and controls access to the respective services.

Enable Identity-Aware Proxy (IAP) for all microservices. Manage access control lists (ACLs) for the restricted services, and configure allAuthenticatedUsers access to the public services.

Use Cloud Endpoints with Firebase Authentication for all microservices. Configure Firebase rules to manage access control lists (ACLs) for each service, allowing access to the public services.

Configure separate Cloud Run services for the public and restricted microservices. Enable Identity-Aware Proxy (IAP) only for the restricted services, and configure the Cloud Run ingress settings to ‘Internal and Cloud Load Balancing’.