GCP

Secrets Management

StrongDM integrates with the GCP Secret Manager to allow your nodes to proxy access to resources using secrets that are added and maintained in your cloud-native secrets manager.

Node Management

When configuring gateways or relays to proxy client traffic to resources, the GCP Nodes guide can be of use for setup.

User Management

StrongDM provides an integration for SSO authentication with Google as well as user provisioning with Google.

Resources

Additionally, StrongDM offers proxied access to cloud resources using the following resource types.

Cloud Resources

• GCP (Workforce Identity Federation) - Proxy access to manage your Google Cloud via the CLI or through the web console using Workforce Identity Federation to authenticate. See the GCP (Workforce Identity Federation) guide for more details.

• GCP CLI/SDK (Service Account) - Proxy access to your Google Cloud for service accounts via the CLI or SDKs. See the GCP CLI/SDK (Service Account) guide for more details.

Cluster Resources

When setting up Kubernetes, it's advisable to use a Helm chart and the Kubernetes (Pod Identity) resource type. If you're manually setting up a Kubernetes resource in the cloud, you can also use the Google-specific GKE resource type.

• Deploy Kubernetes via the Helm chart

• Kubernetes (Pod Identity) resource guide

• GKE resource guide

Server Resources

Any of StrongDM's SSH resource types (listed on the Servers page) can be used to set up AWS server instances as resources in StrongDM.

Datasource Resources

A variety of StrongDM's datasource resource types can be used to support Cloud SQL and other GCP resource types, depending on the database protocol used (see the Datasources list to review the available resource types), and there is also a bespoke BigQuery resource type.

• Datasource guides

• BigQuery