GCP Instance Identity
Attest that a command was executed on a GCP instance you trust
The Google Cloud Platform (GCP) Instance Identity Attestor communicates with the GCP metadata server to collect information about the instance on which TestifySec Witness is being exected. The instance identity JSON Web Token signature is validated against Google’s JWKS (JSON Web Key Set) to ensure authenticity.
Subjects
Subject | Description |
---|---|
instanceid |
ID of the Google Compute instance on which Witness was executed |
instancename |
Name of the Compute instance on which Witness was executed |
projectid |
The ID of the project to which the instance belonged |
projectnumber |
Number of the project to which the instance belonged |
clusteruid |
UID of the cluster if the execution environment was a Google Kubernetes Engine (GKE) cluster |
Last modified May 10, 2022: update descriptions for docs (39f6d72)