← all posts
Jan 30, 2026·6 min read·Infra

Keyless multi-cloud: AWS → GCP Vertex AI without a single secret

How an AWS Lambda calls Google's Vertex AI with zero stored credentials — using Workload Identity Federation end to end.

//The problem

A video pipeline ran on AWS but needed Google's Veo 3.1, which lives on Vertex AI. The obvious path — mint a GCP service-account key and stash it in AWS — means a long-lived secret to rotate, audit, and leak. I wanted zero stored credentials crossing the cloud boundary.

//How WIF works

Workload Identity Federation lets GCP trust an external identity provider. The AWS task signs a request with its own IAM identity; GCP's STS verifies that signature and hands back a short-lived access token for a service account it's allowed to impersonate. No key ever exists — the AWS role is the credential.

auth.py
# exchange the AWS identity for a short-lived GCP token
creds = identity_pool.Credentials.from_info(wif_config)
creds.refresh(Request())     # STS does the AWS→GCP exchange
vertex = aiplatform.init(credentials=creds)

//The payoff

The Fargate task authenticates to Vertex AI on every run with a token that expires in an hour and is never written to disk. Nothing to rotate, nothing to leak, and the audit trail points straight back to the AWS role that made the call.

▸ key result
0 keyslong-lived credentials stored across the AWS↔GCP boundary — verified end-to-end in production.
AS
Akshayaram Swaminathan
builds AI products 0→1
← previous
Cutting LLM inference cost 60% with semantic caching
next →
Building an ed-tech company solo: every layer, one person