GCP

The Google Cloud Platform (GCP) can host StrongDM nodes, manage secrets, and manage users. StrongDM can govern access to gcloud and many GCP resource types.

Secrets Management

StrongDM integrates with the GCP Secret Manager to allow your nodes to proxy access to resources using secrets that are added and maintained in your cloud-native secrets manager.

GCP Secret Manager

Node Management

When configuring gateways or relays to proxy client traffic to resources, the GCP Nodes guide can be of use for setup.

GCP Nodes

User Management

StrongDM provides an integration for SSO authentication with Google as well as user provisioning with Google.

SSO With Google Provisioning With Google Cloud

Resources

Additionally, StrongDM offers proxied access to cloud resources using the following resource types.

Cloud Resources

GCP (Workforce Identity Federation) - Proxy access to manage your Google Cloud via the CLI or through the web console using Workforce Identity Federation to authenticate. See the GCP (Workforce Identity Federation) guide for more details.
GCP CLI/SDK (Service Account) - Proxy access to your Google Cloud for service accounts via the CLI or SDKs. See the GCP CLI/SDK (Service Account) guide for more details.

Cluster Resources

When setting up Kubernetes, it's advisable to use a Helm chart and the Kubernetes (Pod Identity) resource type. If you're manually setting up a Kubernetes resource in the cloud, you can also use the Google-specific GKE resource type.

Server Resources

Any of StrongDM's SSH resource types (listed on the Servers page) can be used to set up AWS server instances as resources in StrongDM.

Datasource Resources

A variety of StrongDM's datasource resource types can be used to support Cloud SQL and other GCP resource types, depending on the database protocol used (see the Datasources list to review the available resource types), and there is also a bespoke BigQuery resource type.

Last updated 15 days ago

Was this helpful?