Google Cloud Workforce Identity Federation & Demo


Sandeep Agarwal

Workforce identity federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce (a group of users, such as employees, partners, and contractors) using IAM, so that the users can access Google Cloud services.
With workforce identity federation, you don't need to synchronize user identities from your existing IdP to Google Cloud identities.

Comments: 13
@rashmitrathod6873 1 year ago
Wonderfully explained the concept.. appreciate the efforts and time that goes behind making this demo.
@deepakdimri91 10 months ago
Excellent Demo Sandeep!
@AbhishekKumar-us9jb 6 months ago
Awesome Sandeep. Too good
@osinachiibiam-uro8432 9 months ago
Thanks for this video. I am currently working on a project to integrate Okta to GCP. Quick question, how did you obtain the Issuer URL for Okta?
@agarsand 9 months ago
I used the URL of the custom domain of my Okta tenant.
@osinachiibiam-uro8432 9 months ago
Thanks @agarsand
@vinaymurgod4130 1 year ago
Hello, just have this query: is the workforce pool bound to only domain or can we sign in for all domains?
@jamesseddon1637 1 year ago
I can only really speak for Azure and SAML, and even then I'm struggling to get this working with Azure groups.... but you should be able to use any domain that is valid within your external IDP, as long as your IAM policy reflects the expected domain when specifying the user/entity
@osinachiibiam-uro8432 9 months ago
Another question please, were you able to access the GCP project console from the Okta app dashboard, if yes how did you do that? When I tried to access the console from my Okta app it returned a 400 error, but it works well with the URL. Secondly, do you have any idea how I can add a single user or users (principal or principalset) to different GCP projects?
@agarsand 9 months ago
1) You need to enable IdP initiated flow to achieve this. I did not enable this in my demo. 2) You can achieve this in many ways in GCP IAM - e.g. by granting roles to principalset individually to multiple projects, or at a folder or at an org level.
@OsinachiIbiam-Uro 9 months ago
Another question please, were you able to access the console using the Okta app from the Okta user dashboard, if yes how? I am getting a 400 error when I click the app. Secondly, how can a principal or principalset have access to multiple projects?
@agarsand 9 months ago
1) You need to enable IdP initiated flow to achieve this. I did not enable this in my demo. 2) You can achieve this in many ways in GCP IAM - e.g. by granting roles to principalset individually to multiple projects, or at a folder or at an org level.
@OsinachiIbiam-Uro 9 months ago
Thank you so much for your time @agarsand