Authenticating to Google Cloud from Azure App ServicesUsing workload identity federation, we can let Azure-hosted applications authenticate to Google Cloud using their managed identity. That also works for Azure App Services, but it requires a little extra work. Continue »
Authenticating to Google Cloud from an AWS Lambda functionUsing workload identity federation, we can let an AWS-hosted application authenticate to Google Cloud using its AWS credentials. That also works for Lambda functions. Continue »
Extending a platform or service to support workload identity federationWorkload identity federation isn’t limited to authenticating workloads between cloud providers. There are many other scenarios where it can be useful to use workload identity federation instead of service account keys. Not all platforms or services support workload identity federation, but it’s not too difficult to change that. Continue »
New documentation and tool support for authenticating to Google Cloud from an Active Directory environmentWhen an on-premises application needs to access Google Cloud, it’s tempting to just let it use a service account key. But if the application runs in an Active Directory environment, there’s a better alternative – we can let it use its domain credentials and “exchange” them against Google credentials. That doesn’t even require custom code anymore. Continue »