mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-16 19:47:02 +02:00
f48c70a449
* VAULT-15546 First pass at Vault Proxy docs * VAULT-15546 correct errors * VAULT-15546 fully qualify paths * VAULT-15546 remove index * VAULT-15546 Some typos and clean up * VAULT-15546 fix link * VAULT-15546 Add redirects so old links stay working * VAULT-15546 more explicit redirects * VAULT-15546 typo fixes * Suggestions for Vault Agent & Vault Proxy docs (#20612) * Rename 'agentandproxy' to 'agent-and-proxy' for better URL * Update the index pages for each section * VAULT-15546 fix link typo --------- Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
35 lines
1.2 KiB
Plaintext
35 lines
1.2 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Vault Auto-Auth GCP Method
|
|
description: GCP Method for Vault Auto-Auth
|
|
---
|
|
|
|
# Vault Auto-Auth GCP Method
|
|
|
|
The `gcp` method performs authentication against the [GCP Auth
|
|
method](/vault/docs/auth/gcp). Both `gce` and `iam`
|
|
authentication types are supported.
|
|
|
|
## Credentials
|
|
|
|
Vault will use the GCP SDK's normal credential chain behavior. You can set a
|
|
static `credentials` value, but it is usually not needed. If running on GCE
|
|
using Application Default Credentials, you may need to specify the service
|
|
account and project since ADC does not provide metadata used to automatically
|
|
determine these.
|
|
|
|
## Configuration
|
|
|
|
- `type` `(string: required)` - The type of authentication; must be `gce` or `iam`
|
|
|
|
- `role` `(string: required)` - The role to authenticate against on Vault
|
|
|
|
- `credentials` `(string: optional)` - When using static credentials, the
|
|
contents of the JSON credentials file
|
|
|
|
- `service_account` `(string: optional)` - The service account to use, if it
|
|
cannot be automatically determined
|
|
|
|
- `jwt_exp` `(string or int: optional)` - The number of minutes a generated JWT
|
|
should be valid for when using the `iam` method; defaults to 15 minutes
|