Your company has implemented a security policy to reduce the use of service account keys. On-premises Windows applications need to interact with Google Cloud APIs. How should you implement Workload Identity Federation (WIF) with your on-premises identity provider?

Exam-Like

Last updated: December 5, 2025 at 14:03

Set up a workload identity pool with your corporate Active Directory Federation Service (ADFS). Configure a rule to let principals in the pool impersonate the Google Cloud service account.

Set up a workload identity pool with your corporate Active Directory Federation Service (ADFS). Let all principals in the pool impersonate the Google Cloud service account.

Set up a workload identity pool with an OpenID Connect (OIDC) service on the same machine. Configure a rule to let principals in the pool impersonate the Google Cloud service account.

Set up a workload identity pool with an OpenID Connect (OIDC) service on the same machine. Let all principals in the pool impersonate the Google Cloud service account.

Google Professional Cloud Security Engineer

Get started today

Comments

Your company has implemented a security policy to reduce the use of service account keys. On-premises Windows applications need to interact with Google Cloud APIs. How should you implement Workload Identity Federation (WIF) with your on-premises identity provider?