Hi There
Recently , we build out Terraform Enterprise (hosted on GCP ). Our organisation policy is to disable and not use Service Account Keys ( we are using GCP as our cloud ). As per my understanding and knowledge to provisioning infrastructure , we need to use Service Account and keys to authenticate to GCP. What we are looking is , to avoid SA (Service Account) Keys and looking for impersonation feature. I see many blogs and articles on Service Account Impersonation with Open Source Terraform , however I don’t see any blog how to implement the same (SA Impersonation) with TFE (Terraform Enterprise ) .
Ref blog : A Hitchhiker’s Guide to GCP Service Account Impersonation in Terraform | by Garrett Wong | Google Cloud - Community | Medium