Using Workforce Identity Federation and Entra App roles to control access to Google CloudManaging access to Google Cloud resources at scale is difficult without groups. But passing group memberships from Entra ID to Google Cloud comes with its own set of challenges, and a better option is to use App roles. Continue »
JIT Groups, or what's next for the JIT Access projectWith Privileged Access Manager in public preview now, there’s little reason to maintain an open-source project that largely provides the same capabilities. But that doesn’t mean JIT Access is going away – instead, the project is changing focus, and its name too. Continue »
Granting a service account just enough access to manage a Cloud Identity groupTo implement role-based access control to Google Cloud resources, it’s often useful to create a set of groups, where each group represents a role for a certain set of resources. But how can we automate the management of these groups, without granting our automation too much access? Continue »