Vault is a great tool for secrets management. It comes with various integrations and authentication methods. This article will be focusing on authentication and authorization in Vault using Google G-Suite OIDC flow and making use of groups claim in Google Cloud Platform environment.
Google G-Suite simplifies user management and works well along with Google Cloud Platform. Groups claim can be leveraged to authorize a user in Vault by mapping its associated Google G-Suite group with a Vault group. This way the user can be assigned the relevant Vault policy.
Follow the steps laid out in Vault OIDC providers configuration. …
Security and Systems Engineering