Cloud Infrastructure Integration

Google Cloud IAM

Integrate TigerIdentity with Google Cloud Platform for comprehensive IAM sync, service account management, and just-in-time role provisioning.

Key Features

Organization-Wide Sync

Sync IAM data across all GCP projects, folders, and the entire organization hierarchy.

Service Accounts

Track service accounts, keys, and impersonation permissions across projects.

IAM Policies

Monitor IAM policy bindings, custom roles, and predefined role assignments.

Workload Identity

Map Kubernetes service accounts to the Google service accounts they are allowed to impersonate through GKE Workload Identity.

Cloud Asset Inventory

Use the Cloud Asset Inventory API to track resources and the IAM policies attached to them across the whole hierarchy.

Just-In-Time Roles

Dynamically grant and revoke IAM role bindings based on policy decisions.

How It Works

1. Create Service Account

Set up a GCP service account with organization-level IAM and Cloud Asset API permissions. For read-only sync, the predefined roles roles/iam.securityReviewer and roles/cloudasset.viewer granted at the organization node are the usual starting point; add a policy-editing role such as roles/resourcemanager.projectIamAdmin only on the projects where provisioning is enabled. The exported JSON key is a long-lived credential: keep it in a secret store rather than in the connector file, and rotate it on the same schedule you enforce for every other service account key.

2. Discover Resources

TigerIdentity walks your organization hierarchy (organization, folders, projects) to discover every project and the resources it contains.

3. Sync IAM Data

IAM policies, service accounts, custom roles, and resource-level bindings are synced continuously rather than imported once.

4. Grant Access

IAM policy bindings are added or removed dynamically according to TigerIdentity policies.

Configuration Example

connector:
  type: gcp-iam
  name: "gcp-production"

  config:
    organization_id: "123456789012"
    # JSON key injected from the environment at start-up; never store it in this file.
    service_account_key: "${GCP_SERVICE_ACCOUNT_JSON}"
    projects:
      - my-production-project
      - my-staging-project

  sync:
    iam_policies: true
    service_accounts: true
    custom_roles: true
    organization_policies: true

  events:
    audit_logs: true
    log_types:
      - admin_activity   # always written by GCP
      - data_access      # off by default in GCP (except BigQuery); enable it per service first
      - system_event

  provisioning:
    enabled: true
    role_prefix: "tigeridentity_"
    ttl: 3600            # lifetime of a just-in-time binding; assumed to be in seconds

Use Cases

Multi-Project Access

Centralize access control across hundreds of GCP projects without manual IAM configuration.

Service Account Security

Monitor service account key creation and usage, and enforce key rotation policies.
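The monitoring described in this use case, as an added Python example that is not TigerIdentity's own code: a detection over Cloud Audit Log admin-activity entries that flags user-managed keys minted by anyone outside an approved issuer list, plus a rotation check over a serviceAccounts.keys.list response. The method names, log fields, key fields and log name are the real GCP ones; the log entries, key list, APPROVED_ISSUERS, NOW and the 90-day window are constructed for the example.

```python
"""
Service-account key monitoring: a detection over Cloud Audit Log entries
and a rotation check over a serviceAccounts.keys.list response.

Added example, not TigerIdentity code. Method names, log fields and key
fields are the real GCP ones; the entries, key list, issuer allowlist and
90-day window are constructed for the example.
"""
import json
from datetime import datetime, timedelta, timezone

_TS = "%Y-%m-%dT%H:%M:%SZ"
IAM_SERVICE = "iam.googleapis.com"
CREATE_KEY = "google.iam.admin.v1.CreateServiceAccountKey"
MAX_KEY_AGE_DAYS = 90  # hypothetical rotation policy
# Automation identities allowed to mint keys (hypothetical).
APPROVED_ISSUERS = {"key-rotator@my-production-project.iam.gserviceaccount.com"}
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
SA = "ci@my-production-project.iam.gserviceaccount.com"


def _entry(ts, method, principal, sa):
    """Build a minimal admin-activity LogEntry (constructed; only fields read below)."""
    return {
        "timestamp": ts,
        "logName": "projects/my-production-project/logs/cloudaudit.googleapis.com%2Factivity",
        "protoPayload": {
            "serviceName": IAM_SERVICE,
            "methodName": method,
            "authenticationInfo": {"principalEmail": principal},
            "resourceName": f"projects/-/serviceAccounts/{sa}",
        },
    }


SAMPLE_LOG_ENTRIES = [
    _entry("2024-01-01T12:00:00Z", CREATE_KEY, "alice@example.com", SA),
    # A read, not a change: must not fire.
    _entry("2024-01-01T12:01:00Z", "google.iam.admin.v1.ListServiceAccountKeys",
           "alice@example.com", SA),
    # Key minted by the approved rotation job: expected, suppressed.
    _entry("2024-01-01T12:02:00Z", CREATE_KEY,
           "key-rotator@my-production-project.iam.gserviceaccount.com",
           "deploy@my-staging-project.iam.gserviceaccount.com"),
]

# Constructed serviceAccounts.keys.list response. User-managed keys that
# never expire carry validBeforeTime 9999-12-31T23:59:59Z.
KEY_PREFIX = f"projects/my-production-project/serviceAccounts/{SA}/keys/"
SAMPLE_KEY_LIST = {"keys": [
    {"name": KEY_PREFIX + "0a1b", "keyType": "USER_MANAGED",
     "validAfterTime": "2023-06-01T00:00:00Z", "validBeforeTime": "9999-12-31T23:59:59Z"},
    {"name": KEY_PREFIX + "2c3d", "keyType": "USER_MANAGED",
     "validAfterTime": "2023-12-15T00:00:00Z", "validBeforeTime": "9999-12-31T23:59:59Z"},
    {"name": KEY_PREFIX + "4e5f", "keyType": "SYSTEM_MANAGED",
     "validAfterTime": "2023-12-20T00:00:00Z", "validBeforeTime": "2024-01-03T00:00:00Z"},
]}


def detect_key_creations(entries, approved_issuers=APPROVED_ISSUERS):
    """One finding per key minted by a principal that is not an approved issuer.

    CreateServiceAccountKey lands in the admin_activity log, which GCP always
    writes; list/get calls only appear once data_access logging is enabled.
    """
    findings = []
    for entry in entries:
        payload = entry.get("protoPayload", {})
        if payload.get("serviceName") != IAM_SERVICE or payload.get("methodName") != CREATE_KEY:
            continue
        principal = payload.get("authenticationInfo", {}).get("principalEmail", "")
        if principal in approved_issuers:
            continue
        findings.append({
            "time": entry["timestamp"],
            "principal": principal,
            "service_account": payload.get("resourceName", "").rsplit("/", 1)[-1],
        })
    return findings


def stale_user_managed_keys(key_list, now, max_age_days=MAX_KEY_AGE_DAYS):
    """Names of USER_MANAGED keys older than the rotation window.

    SYSTEM_MANAGED keys are rotated by Google and are skipped.
    """
    cutoff = now.astimezone(timezone.utc) - timedelta(days=max_age_days)
    stale = []
    for key in key_list.get("keys", []):
        if key.get("keyType") != "USER_MANAGED":
            continue
        created = datetime.strptime(key["validAfterTime"], _TS).replace(tzinfo=timezone.utc)
        if created < cutoff:
            stale.append(key["name"])
    return stale


def run_demo():
    return {
        "key_creations": detect_key_creations(SAMPLE_LOG_ENTRIES),
        "stale_keys": stale_user_managed_keys(SAMPLE_KEY_LIST, NOW),
    }


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

The two checks are deliberately separate: the log detection catches a key the moment it is minted, while the list-based check catches keys that predate logging or were created while the connector was down.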

GKE Access Control

Integrate with Workload Identity to control pod-to-GCP-resource access dynamically.

Least Privilege Automation

Analyze actual resource usage and automatically recommend minimal IAM permissions.

Ready to connect Google Cloud IAM?

See how TigerIdentity transforms GCP access management in a personalized demo.

Schedule Your Demo