IssueTracker

+1 here too. But the problem is also with disks. We currently use part of hostname in the name. Sometimes a machine has to be renamed and it's not possible.

+1

Hello,

This has been forwarded to the Engineering Team so that they may evaluate it. Note that there are no ETAs or guarantees of implementation for this. All communication regarding this has to be done here.

Hi there,

I've covered US Federal Dep't of Interior, Social Security Administration, Department of Agriculture, FAA, and Department of Travel and every time we've talked about identity and access management this subject has come up.

In Federal markets, there is a standard (and in some cases a requirement) to have a 15 minute session timeout as a maximum. Federal customers typically accredit to NIST 800-53 information security standards and each agency that I've worked with has asked for a 15 minute timeout, and, in some cases (like SSA), have asked for even more aggressive session timeouts.

Regarding #43

Re comment#42: The very first authorization has to be in the browser, as will any subsequent explcit invocations of gcloud auth login. The 'session control' policy is only for reauthentication of an already authorized session.

how do we 'reauthenticate an already authorized session'?

I am having to go through the full authentication flow twice every day, once for any browser tabs on console.cloud.google.com and then again for the gcloud session. The only way i can get gcloud working again is do a gcloud auth login --update-adc

How to we get around this? We have GCP Session Control Re-authentication method set to 'Security Key'. Using console.cloud.google.com it would be nice to be able to use a passkey.

$ gcloud compute instances list
Reauthentication required.
ERROR: (gcloud.compute.instances.list) There was a problem refreshing your current auth tokens: Reauthentication failed. Reauthentication challenge failed due to API error: NO_AVAILABLE_CHALLENGES