Vault + GCP + GSuite

UPDATE (8 July, 2021): I have updated the default_role code snippet to work with Vault 1.7.1.

Vault is a great tool for secrets management. It comes with various integrations and authentication methods. This article focuses on authentication and authorization in Vault using the Google G-Suite OIDC flow, making use of the groups claim in a Google Cloud Platform environment.

Google G-Suite simplifies user management and works well with Google Cloud Platform. The groups claim can be leveraged to authorize a user in Vault by mapping the user's associated Google G-Suite group to a Vault group. …

Vipul Agarwal

Security and Systems Engineering
