Workload Identity Federation to integrate Terraform Cloud with GCP

Due to organisation policy, we are not allowed to download GCP Service Account keys. So I wonder how we could integrate Terraform Cloud with Google Cloud Platform. Is WIF an option?

I submitted this as a feature request a while ago. It would be amazing to have this. Much better security.

Please, Terraform Cloud team, put this on the roadmap.

In the absence of native OIDC support within Terraform Cloud, the only options are:

  1. TFC Remote Agents on GKE / GCE
  2. HashiCorp Vault integration so TFC fetches an OAuth2 token on each run
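
Option 2 from the reply above, sketched as an added example that is not from the thread or from HashiCorp's own documentation. It assumes Vault's GCP secrets engine is mounted at `gcp`, that a roleset named `tfc-deployer` (hypothetical) issues access tokens, and that the workspace sets `VAULT_ADDR` and `VAULT_TOKEN` as sensitive environment variables; the project ID is a placeholder.

```hcl
# Added illustration of option 2; not code from the thread.
# Assumptions: GCP secrets engine mounted at "gcp"; roleset "tfc-deployer"
# (hypothetical) created with secret_type = "access_token"; VAULT_ADDR and
# VAULT_TOKEN supplied as sensitive workspace environment variables.

terraform {
  required_providers {
    google = { source = "hashicorp/google" }
    vault  = { source = "hashicorp/vault" }
  }
}

# Address and token are read from VAULT_ADDR / VAULT_TOKEN.
provider "vault" {}

# On every plan/apply, Vault mints a fresh short-lived OAuth2 access token
# for the service account behind the roleset. No JSON key file is exported.
data "vault_generic_secret" "gcp_token" {
  path = "gcp/roleset/tfc-deployer/token"
}

provider "google" {
  project      = "example-project-id" # placeholder
  access_token = data.vault_generic_secret.gcp_token.data["token"]
}
```

The token read by the data source is recorded in the run's state, so scope the roleset's IAM bindings to what the workspace needs. The Vault token in the workspace remains a credential to protect and rotate.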