Introducing time-bound key authentication for service accounts

Source

We’re continually working to improve Google Cloud’s Identity and Access Management (IAM) capabilities to help secure and govern your cloud environment. When organizations need to grant external applications permission to access Google Cloud APIs and resources there are several options. While many customers have embraced our updated guidance for authentication that includes using Workload identity federation where possible, service account keys are still widely used for authenticating external apps. To help address security challenges that may arise from the use of service account keys, we are excited to introduce service account key expiry. With this capability, customers can now configure [...]