In the GCP IAM console (or via gcloud), create a Workload Identity Pool and a Provider within it; configure the provider to trust your external IdP (AWS, Azure, GitHub Actions OIDC, or any OIDC-compliant issuer) by specifying the issuer URI and attribute mappings.
Define attribute conditions and mappings that map claims from the external token (e.g., sub, repository, or AWS account ID) to Google attributes used in IAM bindings.
Grant the external identity the roles/iam.workloadIdentityUser role on a target service account by binding the external identity principal (using the mapped attribute) to the service account's IAM policy.
Generate a credential configuration file with gcloud iam workload-identity-pools create-cred-config, passing the provider's full resource name as the audience and, if you want impersonation, --service-account. The file contains no secrets: it tells the Google Auth libraries where to read the external token and how to exchange it for a Google Cloud access token at the Security Token Service (STS) endpoint, so it can be shipped to the external workload alongside the code.
Use Application Default Credentials (ADC) with the credential configuration file; the Google Auth library automatically exchanges the external token for a short-lived GCP access token and optionally impersonates the target service account.
After confirming federation works, delete the service account's user-managed keys (list them with gcloud iam service-accounts keys list --managed-by=user) and audit secrets managers and CI pipelines for any remaining references to the key files.
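The steps above, carried out end to end with gcloud for a GitHub Actions workflow, as an added example that is not part of the original page. The project, pool, provider, organization, repository and service-account names are assumed placeholders; the helper functions build the provider audience, the IAM member string and the attribute condition so they can be checked before anything is applied, and the gcloud calls only run when WIF_APPLY=1 is set.

```shell
#!/usr/bin/env sh
# Added example: Workload Identity Federation setup for GitHub Actions OIDC.
# All identifiers below are assumed values, not from the original page.
set -eu

PROJECT_ID="${PROJECT_ID:-example-project}"        # assumed
PROJECT_NUMBER="${PROJECT_NUMBER:-123456789012}"   # assumed
POOL="${POOL:-github-pool}"                        # assumed
PROVIDER="${PROVIDER:-github-provider}"            # assumed
GITHUB_ORG="${GITHUB_ORG:-example-org}"            # assumed
GITHUB_REPO="${GITHUB_REPO:-example-repo}"         # assumed
SA_EMAIL="${SA_EMAIL:-deployer@${PROJECT_ID}.iam.gserviceaccount.com}"  # assumed

# Full resource name of the provider. This is the STS "audience" value and
# the positional argument to create-cred-config.
wif_provider_audience() {
  printf '//iam.googleapis.com/projects/%s/locations/global/workloadIdentityPools/%s/providers/%s' \
    "$PROJECT_NUMBER" "$POOL" "$PROVIDER"
}

# IAM member covering every identity in the pool whose mapped
# attribute.repository equals ORG/REPO. principalSet:// selects by attribute;
# principal:// would select one exact google.subject instead.
wif_member_for_repo() {
  printf 'principalSet://iam.googleapis.com/projects/%s/locations/global/workloadIdentityPools/%s/attribute/repository/%s/%s' \
    "$PROJECT_NUMBER" "$POOL" "$GITHUB_ORG" "$GITHUB_REPO"
}

# CEL attribute condition evaluated on the incoming token. Without it, any
# token signed by token.actions.githubusercontent.com (any GitHub repository)
# is accepted by the provider; this restricts the pool to one org and to
# workflows running on the main branch.
wif_attribute_condition() {
  printf "assertion.repository_owner == '%s' && assertion.ref == 'refs/heads/main'" "$GITHUB_ORG"
}

wif_apply() {
  gcloud iam workload-identity-pools create "$POOL" \
    --project="$PROJECT_ID" --location=global \
    --display-name="GitHub Actions pool"

  # Map token claims to google.subject and to custom attributes usable in
  # IAM bindings; the condition is the security gate.
  gcloud iam workload-identity-pools providers create-oidc "$PROVIDER" \
    --project="$PROJECT_ID" --location=global \
    --workload-identity-pool="$POOL" \
    --issuer-uri="https://token.actions.githubusercontent.com" \
    --attribute-mapping="google.subject=assertion.sub,attribute.repository=assertion.repository,attribute.actor=assertion.actor" \
    --attribute-condition="$(wif_attribute_condition)"

  # Let the repository's pool identities impersonate the service account.
  gcloud iam service-accounts add-iam-policy-binding "$SA_EMAIL" \
    --project="$PROJECT_ID" \
    --role="roles/iam.workloadIdentityUser" \
    --member="$(wif_member_for_repo)"

  # Secret-free credential configuration for the workload. The OIDC token is
  # expected as plain text at the given path (assumed path).
  gcloud iam workload-identity-pools create-cred-config "$(wif_provider_audience)" \
    --service-account="$SA_EMAIL" \
    --credential-source-file=/var/run/secrets/oidc-token \
    --credential-source-type=text \
    --output-file=credential-config.json

  # Post-migration check: any user-managed key listed here still needs to go.
  gcloud iam service-accounts keys list --iam-account="$SA_EMAIL" --managed-by=user
}

# Sourcing this file is side-effect free; set WIF_APPLY=1 to run the gcloud calls.
if [ "${WIF_APPLY:-0}" = "1" ]; then
  wif_apply
fi
```

Point the workload at the generated file with GOOGLE_APPLICATION_CREDENTIALS=credential-config.json; the Google Auth library then performs the STS exchange and the impersonation call on its own.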
Known gotchas
Attribute conditions on the workload identity pool provider are the primary security gate. An overly broad condition, or none at all, accepts every subject the issuer signs; for a shared issuer such as GitHub's that means any repository on github.com, not just yours, can obtain tokens from the pool and impersonate the service account. Constrain on claims such as repository, repository_owner, ref or the AWS account ID.
The STS exchange produces a federated access token that represents the pool principal, not a service account token. Many Google Cloud APIs accept it directly when the pool principal is granted a role on the resource, but some only accept service account tokens; those need the additional impersonation call to the Service Account Credentials API (generateAccessToken), which the credential configuration enables when you pass --service-account to create-cred-config. Configure both steps if your target API needs them.
Workload Identity Federation does not work with every GCP client library out of the box; make sure the Google Auth library version in your workload supports external_account credentials (check the version requirements in the official documentation before relying on ADC to do the exchange).
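The two exchanges the Google Auth library performs behind ADC, done by hand with curl so the difference between the federated token and the service account token is visible. This is an added example, not code from the original page; the project number, pool, provider and service account are assumed placeholders, and the network calls only run when WIF_RUN=1 is set and curl and jq are available.

```shell
#!/usr/bin/env sh
# Added example: manual STS token exchange followed by service account
# impersonation. Identifiers are assumed values, not from the original page.
set -eu

PROJECT_NUMBER="${PROJECT_NUMBER:-123456789012}"   # assumed
POOL="${POOL:-github-pool}"                        # assumed
PROVIDER="${PROVIDER:-github-provider}"            # assumed
SA_EMAIL="${SA_EMAIL:-deployer@example-project.iam.gserviceaccount.com}"  # assumed
SCOPE="https://www.googleapis.com/auth/cloud-platform"
STS_URL="https://sts.googleapis.com/v1/token"
IAMCRED_URL="https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${SA_EMAIL}:generateAccessToken"

audience() {
  printf '//iam.googleapis.com/projects/%s/locations/global/workloadIdentityPools/%s/providers/%s' \
    "$PROJECT_NUMBER" "$POOL" "$PROVIDER"
}

# Step 1 body: an RFC 8693 token exchange. The subject token is the external
# OIDC JWT; the STS response carries a federated token (field access_token)
# bound to the pool principal, not to any service account.
sts_request_body() {
  printf '{"audience":"%s","grantType":"urn:ietf:params:oauth:grant-type:token-exchange","requestedTokenType":"urn:ietf:params:oauth:token-type:access_token","scope":"%s","subjectTokenType":"urn:ietf:params:oauth:token-type:jwt","subjectToken":"%s"}' \
    "$(audience)" "$SCOPE" "$1"
}

# Step 2 body: request a short-lived service account token (field accessToken)
# from the IAM Credentials API. The bearer on this call is the federated token
# from step 1; roles/iam.workloadIdentityUser on the service account is what
# authorises it. Lifetime is in seconds (default 3600).
impersonation_request_body() {
  printf '{"scope":["%s"],"lifetime":"%ss"}' "$SCOPE" "${1:-3600}"
}

# Run both exchanges and print the service account token.
federate_and_impersonate() {
  federated=$(curl -fsS -X POST "$STS_URL" \
    -H 'Content-Type: application/json' \
    -d "$(sts_request_body "$1")" | jq -r '.access_token')
  # $federated is already usable against APIs that accept the pool principal
  # directly; APIs that require a service account identity need step 2.
  curl -fsS -X POST "$IAMCRED_URL" \
    -H "Authorization: Bearer ${federated}" \
    -H 'Content-Type: application/json' \
    -d "$(impersonation_request_body 3600)" | jq -r '.accessToken'
}

# Only contact Google when asked; the external token is read from a file
# (assumed path, override with OIDC_TOKEN_FILE).
if [ "${WIF_RUN:-0}" = "1" ]; then
  federate_and_impersonate "$(cat "${OIDC_TOKEN_FILE:-/var/run/secrets/oidc-token}")"
fi
```

If step 2 fails with a permission error while step 1 succeeds, the provider accepted the token but the IAM binding on the service account does not match the mapped attributes; compare the principal or principalSet member in the binding with the attribute mapping on the provider.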