You can use the standard build and deploy process for ASP.NET to an IIS VM on Google Compute Engine. Following this process, you must configure the GCP side.

1. Add an exception for TCP on port 445. This is the port used by net.exe to map the remote drive.
2. Add an exception for TCP on port 5986 to enable WinRM over HTTPS.
   • If your GCE VM is domain joined, you can open TCP on port 5985 to enable WinRM over HTTP.

1. Connect remotely to the VM.
2. Go to Windows Firewall with Advanced Security.
3. Enable the Netlogon Service (NP-In) rule.

The certificate the ASP.NET image uses for WinRM over HTTPS references its machine name. To connect to the machine using an ip address, you have to change the WinRM listener to use a certificate with the ip address as the common name. In a powershell window with administrator access on the VM, run the following commands:

PS C:> $ip = "<ip of vm>"
PS C:> $cert = New-SelfSignedCertificate -DnsName $ip `
                  -CertStoreLocation Cert:\LocalMachine\My\
PS C:> ls WSMan:\localhost\Listener |
          ? {$_.keys -match "Transport=HTTPS"} |
          rm -Recurse
PS C:> New-Item WSMan:\localhost\Listener -Transport HTTPS -Address * `
          -CertificateThumbPrint $cert.Thumbprint -Force

The admin login for these tasks must be prefaced with the domain. If the username is TfsUser and the machine name is Tfs-AspNet-1, the Admin login for these tasks would be Tfs-AspNet-1\TfsUser.

The build process for building from the public google getting started dotnet samples repository looks like this: