mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-23 15:41:07 +02:00
Code Issues Projects Releases Wiki Activity

Fix gcp auth trust relationship requirements block (#31293)

Browse Source
This commit is contained in:
Robert 2025-07-16 13:20:32 -05:00 committed by GitHub
parent bd7c6b7465
commit c948ec09af
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
website/content/docs/auth/gcp.mdx
View File

@ -122,13 +122,13 @@ management tool.
[federated access token](https://cloud.google.com/docs/authentication/token-types#access).
To configure a trusted relationship between Vault and GCP:
- You must configure the [identity token issuer backend](/vault/api-docs/secret/identity/tokens#configure-the-identity-tokens-backend)
for Vault.
- GCP must have a
[workload identity pool and provider](https://cloud.google.com/iam/docs/manage-workload-identity-pools-providers)
configured with information about the fully qualified and network-reachable
issuer URL for the Vault plugin's
[identity token provider](/vault/api-docs/secret/identity/tokens#read-plugin-identity-well-known-configurations).
- You must configure the [identity token issuer backend](/vault/api-docs/secret/identity/tokens#configure-the-identity-tokens-backend)
for Vault.
- GCP must have a
[workload identity pool and provider](https://cloud.google.com/iam/docs/manage-workload-identity-pools-providers)
configured with information about the fully qualified and network-reachable
issuer URL for the Vault plugin's
[identity token provider](/vault/api-docs/secret/identity/tokens#read-plugin-identity-well-known-configurations).
Establishing a trusted relationship between Vault and GCP ensures that GCP
can fetch JWKS