Hi there,
Wondering if there are any plans to allow WIF opposed to Service Accounts, based on Google’s recommendation that WIF is more secure than Service Accounts.
https://docs.cloud.google.com/iam/docs/workload-identity-federation?hl=en&_gl=1*cjfzyz*_ga*NTk3MTY5NzE2LjE3NTg1MzYwMjc.*_ga_WH2QY8WWF5*czE3Njc3NDg0MzQkbzEyJGcxJHQxNzY3NzQ4NTIzJGo2MCRsMCRoMA..
Thanks,
Brent
+6Hi
Thanks for reaching out and sharing that Google documentation! You’re absolutely right, moving toward keyless authentication like Workload Identity Federation (WIF) is a top-tier security practice, and it’s something our team takes seriously.
I’ve discussed this with our DevOps and Engineering teams, and here is where we currently stand:
Our Security Direction: We are already moving toward reinforced, keyless authentication across our platform. For instance, we’ve recently rolled out Azure SAS Token support, and S3 IAM Role authentication is currently in the final review stage.
Google WIF Status: While WIF for Google Cloud isn't on the immediate roadmap today, your feedback has put it on our radar. Our engineers are now looking into the research and resourcing needed to bring this to our Google integrations.
Next Steps: I’ll convert this into an Idea to help our product team prioritize it alongside our other security hardening updates.
We really appreciate you pushing us to stay aligned with these best practices. I'll be sure to share any updates as the research progresses! 😇
Already have an account? Login
Don't have an account? Sign Up
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.