Automated GCR Secret Management

Challenge

The customer, a large financial media company, operates a hybrid cloud environment comprised of on-premise data centers and multiple cloud providers. While Google natively supports dynamic short-lived credentials for accessing their GCR repositories within GCP, access from on-premise and other clouds relied on static keys with an onerous rotation process.

Solution

Rearc leveraged Cloud Functions and Pub/Sub to integrate external automation workflows in Jenkins with Identity and Access Management in GCP. This solution enables on-demand and scheduled generation of dynamic service account keys for use in on-premise container builds and pull secrets for Kubernetes clusters hosted in any cloud.

Outcome

Accelerated development time: A manual process taking several hours now completes in a few minutes.
Improved developer productivity: developers were able to focus more on innovation and less on manually rotating and managing keys.
Robust security and compliance: Updating manual processes to automated ones improves observability and maintainability for security and compliance.

Latest Articles

Read more about the latest and greatest work Rearc has been up to.

Accelerating and Securing Innovation

As organizations strive to innovate rapidly, enhancing development velocity for their applications have become crucial. Rearc partnered with a Fortune 250 customer with the primary objective of streamlining the creation of net-new applications with built-in best practices. Key challenges included ensuring seamless integration with existing systems, maintaining robust security practices, accelerating time-to-market, retaining quality, and more.

Insurance

Modernization

Fortune 250

Databricks DataHub

Rearc designed and implemented a foundational governance pattern, DataHub, supporting sharing of data between internal buisness segments on Databricks.

Financial Services

Governance

Fortune 500