Case Study

Automated GCR Secret Management

Challenge

The customer, a large financial media company, operates a hybrid cloud environment comprised of on-premise data centers and multiple cloud providers. While Google natively supports dynamic short-lived credentials for accessing their GCR repositories within GCP, access from on-premise and other clouds relied on static keys with an onerous rotation process.

Solution

Rearc leveraged Cloud Functions and Pub/Sub to integrate external automation workflows in Jenkins with Identity and Access Management in GCP. This solution enables on-demand and scheduled generation of dynamic service account keys for use in on-premise container builds and pull secrets for Kubernetes clusters hosted in any cloud.

Outcome

  • Accelerated development time: A manual process taking several hours now completes in a few minutes.
  • Improved developer productivity: developers were able to focus more on innovation and less on manually rotating and managing keys.
  • Robust security and compliance: Updating manual processes to automated ones improves observability and maintainability for security and compliance.

Latest Articles

Read more about the latest and greatest work Rearc has been up to.

Next steps

Ready to talk about your next project?

1

Tell us more about your custom needs.

2

We’ll get back to you, really fast

3

Kick-off meeting

Let's Talk