feat: workload identity federation support (#698) Using workload identity federation, applications can access Google Cloud resources from Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Workload identity federation is recommended for non-Google Cloud environments as it avoids the need to download, manage and store service account private keys locally. This includes a rollforward of the [previous reverted PR](https://github.com/googleapis/google-auth-library-python/pull/686) and the [fix](https://github.com/googleapis/google-auth-library-python/pull/686) to not pass scopes to user credentials from `google.auth.default()`.

commit: d4d7f3815e0cea3c9f39a5204a4f001de99568e9 [log] [tgz]
author: bojeil-google <bojeil-google@users.noreply.github.com> Tue Feb 16 12:33:20 2021 -0800
committer: GitHub <noreply@github.com> Tue Feb 16 13:33:20 2021 -0700
tree: d43c66f38f316fdea6828701304aa7a4ef8c0143
parent: 882d0ff28f71c6a22289a8345a24462665a05147 [diff] [blame]
diff --git a/docs/reference/google.auth.rst b/docs/reference/google.auth.rst
index 3acf7df..e21eaf9 100644
--- a/docs/reference/google.auth.rst
+++ b/docs/reference/google.auth.rst

@@ -23,11 +23,14 @@
    :maxdepth: 4
 
    google.auth.app_engine
+   google.auth.aws
    google.auth.credentials
    google.auth._credentials_async
    google.auth.environment_vars
    google.auth.exceptions
+   google.auth.external_account
    google.auth.iam
+   google.auth.identity_pool
    google.auth.impersonated_credentials
    google.auth.jwt
    google.auth.jwt_async
commit	d4d7f3815e0cea3c9f39a5204a4f001de99568e9	[log] [tgz]
author	bojeil-google <bojeil-google@users.noreply.github.com>	Tue Feb 16 12:33:20 2021 -0800
committer	GitHub <noreply@github.com>	Tue Feb 16 13:33:20 2021 -0700
tree	d43c66f38f316fdea6828701304aa7a4ef8c0143
parent	882d0ff28f71c6a22289a8345a24462665a05147 [diff] [blame]