Store Encryption key and symmetric key in vault with specific access privileges

Hi Team,

I am looking for option where my application hosted on gcp cloud run workload and my hashicorp vault is hosted on prem , the requirements is I wanted to store private keys and symmetric encryption keys inside on prem vault and it should be accessible via gcp application but with specific principles or specific account , how we can do this ? Appreciate if any help on this requirement