HashiCorp Vault groups integration with Google G Suite

Vault + GCP + GSuite

What is the advantage of groups claim?

Prerequisites

Create Policies

Configure OIDC Authentication

Create default_role

Create Vault group and group-alias

Test the setup

$ vault login -method=oidc
...
Key Value
--- -----
token <TOKEN>
token_accessor <TOKEN_ACCESSOR>
token_duration 768h
token_renewable true
token_policies ["default" "reader"]
identity_policies ["manager"]
policies ["default" "manager" "reader"]
token_meta_role default_role

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store