Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/googlecloudplatform/iam-federation-tools

Integration tools for letting workloads authenticate to Google Cloud using IAM workload identity federation
https://github.com/googlecloudplatform/iam-federation-tools

active-directory federation google-cloud iam kerberos

Last synced: about 5 hours ago
JSON representation

Integration tools for letting workloads authenticate to Google Cloud using IAM workload identity federation

Host: GitHub
URL: https://github.com/googlecloudplatform/iam-federation-tools
Owner: GoogleCloudPlatform
License: apache-2.0
Created: 2022-08-12T00:10:23.000Z (over 2 years ago)
Default Branch: master
Last Pushed: 2024-12-12T11:15:32.000Z (about 2 months ago)
Last Synced: 2024-12-18T08:40:56.768Z (about 2 months ago)
Topics: active-directory, federation, google-cloud, iam, kerberos
Language: C#
Homepage:
Size: 987 KB
Stars: 9
Watchers: 15
Forks: 4
Open Issues: 6
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE.txt

Awesome Lists containing this project

README

        # IAM Federation tools

This repository contains tools for letting workloads that run outside of Google Cloud

use [workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation)

to authenticate to Google Cloud. 

## Token Service

_Token Service_ is an application that lets clients exchange custom credentials against

an ID token that suitable for workload identity federation:

*   Towards a client appliation, the Token Service application acts

    as an Open ID Connect identity provider. Clients can authenticate using

    different authentication flows and can obtain an ID token that

    asserts their identity.

    

*   When you register the _Token Service_ [as a workload identity pool provider](https://cloud.google.com/iam/docs/manage-workload-identity-pools-providers), 

    clients can then use the ID token and exchange it against short-lived Google 

    credentials by using the Google STS.

    

[](https://googlecloudplatform.github.io/iam-federation-tools/token-service/)

## Workload Authenticator for Windows

_Workload Authenticator for Windows (WWAuth)_ lets Windows applications authenticate to Google Cloud using their 

Active Directory Kerberos credentials. The tool automates the process of using Kerberos credentials to authenticate

to Active Directory Federation Services (AD FS), and using the resulting AD FS credential to authenticate to Google Cloud.

Using WWAuth is an alternative to using service account keys

and doesn't require you to manage and store any secrets or keys.

[](https://googlecloudplatform.github.io/iam-federation-tools/wwauth/)

[](https://github.com/GoogleCloudPlatform/iam-windows-authenticator/releases/latest/download/wwauth.exe)

--- 

_IAM Federation tools is an open-source project and not an officially supported Google product._

_All files in this repository are under the

[Apache License, Version 2.0](LICENSE.txt) unless noted otherwise._