Google Cloud Workforce Identity Federation & Demo

Sdílet
Vložit
  • čas přidán 5. 09. 2024
  • Workforce identity federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce-a group of users, such as employees, partners, and contractors-using IAM, so that the users can access Google Cloud services.
    With workforce identity federation you don't need to synchronize user identities from your existing IdP to Google Cloud identities.

Komentáře • 13

  • @rashmitrathod6873
    @rashmitrathod6873 Před 11 měsíci +1

    Wonderfully explained the concept.. appreciate the efforts and time that goes behind making this demo.

  • @deepakdimri91
    @deepakdimri91 Před 9 měsíci

    Excellent Demo Sandeep!

  • @AbhishekKumar-us9jb
    @AbhishekKumar-us9jb Před 5 měsíci

    awesome sandeeo . Too good

  • @user-ve4qi3ee3v
    @user-ve4qi3ee3v Před 8 měsíci

    Another question please, were you able to access the console using the okta app from the okta user dashboard, if yes how? I am getting a 400 error when I click the app.
    Secondly, how can a principal or principalset have access to multiple projects?

    • @agarsand
      @agarsand  Před 8 měsíci +1

      1) You need to enable IdP initiated flow to achieve this. I did not enable this in my demo.
      2) You can achieve this in many ways in GCP IAM - e.g. by granting roles to principalset individually to multiple projects, or at a folder or at an org level.

    • @user-ve4qi3ee3v
      @user-ve4qi3ee3v Před 8 měsíci

      Thank you so much for your time@@agarsand

  • @osinachiibiam-uro8432
    @osinachiibiam-uro8432 Před 8 měsíci

    Thanks for this video. I am currently working on a project to integrate Okta to GCP.
    Quick question, how did you obtain the Issuer URL for okta?

  • @osinachiibiam-uro8432
    @osinachiibiam-uro8432 Před 8 měsíci

    Another question please, were you able to access the gcp project console from the okta app dashboard, if yes how did you do that? When I tried to access the console from my okta app it returned a 400 error, but it works well with the url.
    Secondly, do you have any idea how I can add I single user or users (principal or principalset) to different gcp projects

    • @agarsand
      @agarsand  Před 8 měsíci

      1) You need to enable IdP initiated flow to achieve this. I did not enable this in my demo.
      2) You can achieve this in many ways in GCP IAM - e.g. by granting roles to principalset individually to multiple projects, or at a folder or at an org level.

  • @vinaymurgod4130
    @vinaymurgod4130 Před rokem

    Hello
    Just have this query, is the workforce pool bound to only domain or can we sign in for all domains?

    • @jamesseddon1637
      @jamesseddon1637 Před rokem

      I can only really speak for Azure and SAML, and even then I'm struggling to get this working with Azure groups.... but you should be able to use any domain that is valid within your external IDP, as long as your IAM policy reflects the expected domain when specifying the user/entity

Další v pořadí
Automatické přehrávání
Goodbye Service Account Keys, Hello Workload Identity Federation - Building Secure Apps with GCP25:19Goodbye Service Account Keys, Hello Workload Identity Federation – Building Secure Apps with GCP
Goodbye Service Account Keys, Hello Workload Identity Federation - Building Secure Apps with GCPDevOps w/ George
zhlédnutí 7K
Google Cloud Certified Security Engineer - Workforce Identity Federation18:48Google Cloud Certified Security Engineer - Workforce Identity Federation
Google Cloud Certified Security Engineer - Workforce Identity FederationCloudy Security with a chance of an attack
zhlédnutí 186
Federation between OKTA and Oracle Identity Cloud Service12:30Federation between OKTA and Oracle Identity Cloud Service
Federation between OKTA and Oracle Identity Cloud ServiceOracle Cloud TechSupper Ankur
zhlédnutí 6K
Finding out a genie's loopholes in advance00:53Finding out a genie's loopholes in advance
Finding out a genie's loopholes in advanceChris and Jack
zhlédnutí 13M
Cola + Mentos = Exploze00:12Cola + Mentos = Exploze
Cola + Mentos = Exploze Dodo dva
zhlédnutí 357K
Sabrina Carpenter - Taste (Official Video)03:19Sabrina Carpenter - Taste (Official Video)
Sabrina Carpenter - Taste (Official Video)SabrinaCarpenterVEVO
zhlédnutí 50M
Nurse's Mission: Bringing Joy to Young Lives #shorts00:17Nurse's Mission: Bringing Joy to Young Lives #shorts
Nurse's Mission: Bringing Joy to Young Lives #shortsFabiosa Stories
zhlédnutí 13M
Centralize access to your organization’s websites with Identity Aware Proxy (IAP)26:18Centralize access to your organization’s websites with Identity Aware Proxy (IAP)
Centralize access to your organization’s websites with Identity Aware Proxy (IAP)Google Cloud Tech
zhlédnutí 24K
Cybersecurity Architecture: Who Are You? Identity and Access Management31:15Cybersecurity Architecture: Who Are You? Identity and Access Management
Cybersecurity Architecture: Who Are You? Identity and Access ManagementIBM Technology
zhlédnutí 130K
What is Firebase and how to use it41:01What is Firebase and how to use it
What is Firebase and how to use itFirebase
zhlédnutí 419K
Workload Identity in GKE to fetch data from Google Cloud Storage.9:39Workload Identity in GKE to fetch data from Google Cloud Storage.
Workload Identity in GKE to fetch data from Google Cloud Storage.OutOfDevOps
zhlédnutí 4,5K
Amazon Cognito: SAML federation, IdP-initiated Login, and SAML Encryption15:29Amazon Cognito: SAML federation, IdP-initiated Login, and SAML Encryption
Amazon Cognito: SAML federation, IdP-initiated Login, and SAML EncryptionAmazon Web Services
zhlédnutí 6K
EP 08 : GCP Service Account Impersonation - Google Cloud IAM15:00EP 08 : GCP Service Account Impersonation - Google Cloud IAM
EP 08 : GCP Service Account Impersonation - Google Cloud IAMCloud Sprint
zhlédnutí 3,8K
Google Cloud Identity | Setup & Federation with Azure AD | Corporate Credentials with GCP | Part 31:11:35Google Cloud Identity | Setup & Federation with Azure AD | Corporate Credentials with GCP | Part 3
Google Cloud Identity | Setup & Federation with Azure AD | Corporate Credentials with GCP | Part 3knowledgeindia - LearnCloud
zhlédnutí 6K
How to use Github Actions with Google's Workload Identity Federation11:33How to use Github Actions with Google's Workload Identity Federation
How to use Github Actions with Google's Workload Identity FederationGoogle Cloud Tech
zhlédnutí 12K
AWS to GCP sans service account keys!! - Workload Identity Federation14:56AWS to GCP sans service account keys!! - Workload Identity Federation
AWS to GCP sans service account keys!! - Workload Identity FederationCloud Advocate
zhlédnutí 12K
POV: Já VS budík, při prvním školním dnu 🥹 #fyp #school #marcel00:16POV: Já VS budík, při prvním školním dnu 🥹 #fyp #school #marcel
POV: Já VS budík, při prvním školním dnu 🥹 #fyp #school #marcelMARCEL
zhlédnutí 166K
Cola + Mentos = Exploze00:12Cola + Mentos = Exploze
Cola + Mentos = Exploze Dodo dva
zhlédnutí 357K
Секрет фокусника! #shorts00:15Секрет фокусника! #shorts
Секрет фокусника! #shortsРоман Magic
zhlédnutí 60M
Lamine Yamal and his little brother 😍 #fcbarcelona #LamineYamal #shorts00:14Lamine Yamal and his little brother 😍 #fcbarcelona #LamineYamal #shorts
Lamine Yamal and his little brother 😍 #fcbarcelona #LamineYamal #shortsFC Barcelona
zhlédnutí 25M
NEJRYCHLEJŠÍ Střela v Historii FOTBALU…00:31NEJRYCHLEJŠÍ Střela v Historii FOTBALU…
NEJRYCHLEJŠÍ Střela v Historii FOTBALU…Horis
zhlédnutí 201K
When you discover a family secret00:59When you discover a family secret
When you discover a family secretim_siowei
zhlédnutí 32M
小丑在游泳池做什么#short #angel #clown00:13小丑在游泳池做什么#short #angel #clown
小丑在游泳池做什么#short #angel #clownSuper Beauty team
zhlédnutí 21M
PÁRTY VE 20 vs VE 30 LETECH 😅😂00:22PÁRTY VE 20 vs VE 30 LETECH 😅😂
PÁRTY VE 20 vs VE 30 LETECH 😅😂Stejk
zhlédnutí 537K