How to generate short-lived GCP Service Account Keys or OAuth2 tokens with Vault

Sometimes we prefer to store the GCP Service Account key directly in a Vault path. With this approach, doing some things like Key rotation, Offboarding the users who had access to a Vault path, and basically, Access management could be extremely hard! The benefits of using this secrets engine to manage the Google Cloud IAM service accounts are: