diff --git a/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Gopkg.lock b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Gopkg.lock new file mode 100644 index 0000000000..9f2d1e652c --- /dev/null +++ b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Gopkg.lock 
@@ -0,0 +1,201 @@ +# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. + + +[[projects]] + name = "cloud.google.com/go" + packages = ["compute/metadata"] + revision = "44bcd0b2078ba5e7fedbeb36808d1ed893534750" + version = "v0.11.0" + +[[projects]] + name = "github.com/SermoDigital/jose" + packages = [".","crypto","jws","jwt"] + revision = "f6df55f235c24f236d11dbcf665249a59ac2021f" + version = "1.1" + +[[projects]] + branch = "master" + name = "github.com/armon/go-radix" + packages = ["."] + revision = "1fca145dffbcaa8fe914309b1ec0cfc67500fe61" + +[[projects]] + name = "github.com/fatih/structs" + packages = ["."] + revision = "a720dfa8df582c51dee1b36feabb906bde1588bd" + version = "v1.0" + +[[projects]] + branch = "master" + name = "github.com/golang/protobuf" + packages = ["proto","ptypes/any"] + revision = "ab9f9a6dab164b7d1246e0e688b0ab7b94d8553e" + +[[projects]] + branch = "master" + name = "github.com/golang/snappy" + packages = ["."] + revision = "553a641470496b2327abcac10b36396bd98e45c9" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/errwrap" + packages = ["."] + revision = "7554cd9344cec97297fa6649b055a8c98c2a1e55" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/go-cleanhttp" + packages = ["."] + revision = "3573b8b52aa7b37b9358d966a898feb387f62437" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/go-hclog" + packages = ["."] + revision = "8105cc0a3736cc153a2025f5d0d91b80045fc9ff" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/go-multierror" + packages = ["."] + revision = "83588e72410abfbe4df460eeb6f30841ae47d4c4" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/go-plugin" + packages = ["."] + revision = "a5174f84d7f8ff00fb07ab4ef1f380d32eee0e63" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/go-rootcerts" + packages = ["."] + revision = "6bb64b370b90e7ef1fa532be9e591a81c3493e00" + +[[projects]] + branch = 
"master" + name = "github.com/hashicorp/go-uuid" + packages = ["."] + revision = "64130c7a86d732268a38cb04cfbaf0cc987fda98" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/hcl" + packages = [".","hcl/ast","hcl/parser","hcl/scanner","hcl/strconv","hcl/token","json/parser","json/scanner","json/token"] + revision = "392dba7d905ed5d04a5794ba89f558b27e2ba1ca" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/vault" + packages = ["api","helper/certutil","helper/compressutil","helper/consts","helper/errutil","helper/jsonutil","helper/logformat","helper/mlock","helper/parseutil","helper/pluginutil","helper/policyutil","helper/salt","helper/strutil","helper/wrapping","logical","logical/framework","logical/plugin","version"] + revision = "5d37bd54ef456d544819ca670572d1c84f23c68c" + +[[projects]] + branch = "master" + name = "github.com/hashicorp/yamux" + packages = ["."] + revision = "d1caa6c97c9fc1cc9e83bbe34d0603f9ff0ce8bd" + +[[projects]] + name = "github.com/mattn/go-colorable" + packages = ["."] + revision = "167de6bfdfba052fa6b2d3664c8f5272e23c9072" + version = "v0.0.9" + +[[projects]] + name = "github.com/mattn/go-isatty" + packages = ["."] + revision = "fc9e8d8ef48496124e79ae0df75490096eccf6fe" + version = "v0.0.2" + +[[projects]] + branch = "master" + name = "github.com/mgutz/ansi" + packages = ["."] + revision = "9520e82c474b0a04dd04f8a40959027271bab992" + +[[projects]] + name = "github.com/mgutz/logxi" + packages = ["v1"] + revision = "aebf8a7d67ab4625e0fd4a665766fef9a709161b" + version = "v1" + +[[projects]] + branch = "master" + name = "github.com/mitchellh/go-homedir" + packages = ["."] + revision = "b8bc1bf767474819792c23f32d8286a45736f1c6" + +[[projects]] + branch = "master" + name = "github.com/mitchellh/go-testing-interface" + packages = ["."] + revision = "9a441910b16872f7b8283682619b3761a9aa2222" + +[[projects]] + branch = "master" + name = "github.com/mitchellh/mapstructure" + packages = ["."] + revision = 
"d0303fe809921458f417bcf828397a65db30a7e4" + +[[projects]] + branch = "master" + name = "github.com/sethgrid/pester" + packages = ["."] + revision = "99271bb5a99e5769f688c483eabb3c22d71ebf93" + +[[projects]] + branch = "master" + name = "golang.org/x/net" + packages = ["context","context/ctxhttp","http2","http2/hpack","idna","internal/timeseries","lex/httplex","trace"] + revision = "1c05540f6879653db88113bc4a2b70aec4bd491f" + +[[projects]] + branch = "master" + name = "golang.org/x/oauth2" + packages = [".","google","internal","jws","jwt"] + revision = "9a379c6b3e95a790ffc43293c2a78dee0d7b6e20" + +[[projects]] + branch = "master" + name = "golang.org/x/sys" + packages = ["unix"] + revision = "9f7170bcd8e9f4d3691c06401119c46a769a1e03" + +[[projects]] + branch = "master" + name = "golang.org/x/text" + packages = ["internal/gen","internal/triegen","internal/ucd","secure/bidirule","transform","unicode/bidi","unicode/cldr","unicode/norm","unicode/rangetable"] + revision = "e56139fd9c5bc7244c76116c68e500765bb6db6b" + +[[projects]] + branch = "master" + name = "google.golang.org/api" + packages = ["gensupport","googleapi","googleapi/internal/uritemplates","iam/v1"] + revision = "98825bb0065da4054e5da6db34f5fc598e50bc24" + +[[projects]] + name = "google.golang.org/appengine" + packages = [".","internal","internal/app_identity","internal/base","internal/datastore","internal/log","internal/modules","internal/remote_api","internal/urlfetch","urlfetch"] + revision = "150dc57a1b433e64154302bdc40b6bb8aefa313a" + version = "v1.0.0" + +[[projects]] + branch = "master" + name = "google.golang.org/genproto" + packages = ["googleapis/rpc/status"] + revision = "6b7d9516179cd47f4714cfeb0103ad1dede756c4" + +[[projects]] + name = "google.golang.org/grpc" + packages = [".","codes","connectivity","credentials","grpclb/grpc_lb_v1","grpclog","health","health/grpc_health_v1","internal","keepalive","metadata","naming","peer","stats","status","tap","transport"] + revision = 
"b3ddf786825de56a4178401b7e174ee332173b66" + version = "v1.5.2" + +[solve-meta] + analyzer-name = "dep" + analyzer-version = 1 + inputs-digest = "1d1844e8ad0f0cedb4cce8d4aa400cd07b5b3c5b26cb80e473908bdf9879c175" + solver-name = "gps-cdcl" + solver-version = 1 diff --git a/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Gopkg.toml b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Gopkg.toml new file mode 100644 index 0000000000..f30b62f1db --- /dev/null +++ b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Gopkg.toml @@ -0,0 +1,46 @@ + +# Gopkg.toml example +# +# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md +# for detailed Gopkg.toml documentation. +# +# required = ["github.com/user/thing/cmd/thing"] +# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] +# +# [[constraint]] +# name = "github.com/user/project" +# version = "1.0.0" +# +# [[constraint]] +# name = "github.com/user/project2" +# branch = "dev" +# source = "github.com/myfork/project2" +# +# [[override]] +# name = "github.com/x/y" +# version = "2.4.0" + + +[[constraint]] + name = "github.com/SermoDigital/jose" + version = "1.1.0" + +[[constraint]] + branch = "master" + name = "github.com/hashicorp/go-cleanhttp" + +[[constraint]] + name = "github.com/hashicorp/vault" + branch = "master" + +[[constraint]] + name = "github.com/mgutz/logxi" + version = "1.0.0" + +[[constraint]] + branch = "master" + name = "golang.org/x/oauth2" + +[[constraint]] + branch = "master" + name = "google.golang.org/api" diff --git a/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Makefile b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Makefile new file mode 100644 index 0000000000..93a62fcb56 --- /dev/null +++ b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/Makefile 
@@ -0,0 +1,62 @@
+TOOL?=vault-gcp-auth-plugin
+TEST?=$$(go list ./... | grep -v /vendor/)
+VETARGS?=-asmdecl -atomic -bool -buildtags -copylocks -methods -nilfunc -printf -rangeloops -shift -structtags -unsafeptr
+EXTERNAL_TOOLS=\
+ github.com/mitchellh/gox \
+ github.com/kardianos/govendor
+BUILD_TAGS?=${TOOL}
+GOFMT_FILES?=$$(find . -name '*.go' | grep -v vendor)
+
+# bin generates the releaseable binaries for this plugin
+bin: fmtcheck generate
+ @CGO_ENABLED=0 BUILD_TAGS='$(BUILD_TAGS)' sh -c "'$(CURDIR)/scripts/build.sh'"
+
+default: dev
+
+# dev creates binaries for testing Vault locally. These are put
+# into ./bin/ as well as $GOPATH/bin, except for quickdev which
+# is only put into /bin/
+quickdev: generate
+ @CGO_ENABLED=0 go build -i -tags='$(BUILD_TAGS)' -o bin/vault-gcp-auth-plugin
+dev: fmtcheck generate
+ @CGO_ENABLED=0 BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
+dev-dynamic: generate
+ @CGO_ENABLED=1 BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
+
+# test runs the unit tests and vets the code
+test: fmtcheck generate
+ CGO_ENABLED=0 VAULT_TOKEN= VAULT_ACC= go test -tags='$(BUILD_TAGS)' $(TEST) $(TESTARGS) -timeout=20m -parallel=4
+
+testcompile: fmtcheck generate
+ @for pkg in $(TEST) ; do \
+ go test -v -c -tags='$(BUILD_TAGS)' $$pkg -parallel=4 ; \
+ done
+
+# testacc runs acceptance tests
+testacc: fmtcheck generate
+ @if [ "$(TEST)" = "./..." ]; then \
+ echo "ERROR: Set TEST to a specific package"; \
+ exit 1; \
+ fi
+ VAULT_ACC=1 go test -tags='$(BUILD_TAGS)' $(TEST) -v $(TESTARGS) -timeout 45m
+
+# generate runs `go generate` to build the dynamically generated
+# source files.
+generate:
+ go generate $(go list ./... | grep -v /vendor/)
+
+# bootstrap the build by downloading additional tools
+bootstrap:
+ @for tool in $(EXTERNAL_TOOLS) ; do \
+ echo "Installing/Updating $$tool" ; \
+ go get -u $$tool; \
+ done
+
+fmtcheck:
+ @sh -c "'$(CURDIR)/scripts/gofmtcheck.sh'"
+
+fmt:
+ gofmt -w $(GOFMT_FILES)
+
+
+.PHONY: bin default generate test vet bootstrap fmt fmtcheck
diff --git a/vendor/github.com/hashicorp/vault-plugin-auth-gcp/README.md b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/README.md
new file mode 100644
index 0000000000..330cc2ad67
--- /dev/null
+++ b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/README.md
@@ -0,0 +1,163 @@
+# Vault Plugin: Google Cloud Platform Auth Backend
+
+This is a standalone backend plugin for use with [Hashicorp Vault](https://www.github.com/hashicorp/vault).
+This plugin allows for various GCP entities to authenticate with Vault.
+
+Currently, this plugin supports login for:
+- IAM service accounts
+
+**Please note**: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, _please responsibly disclose_ by contacting us at [security@hashicorp.com](mailto:security@hashicorp.com).
+
+## Quick Links
+ - Vault Website: https://www.vaultproject.io
+ - GCP Auth BE Docs: https://www.vaultproject.io/docs/auth/gcp.html
+ - Main Project Github: https://www.github.com/hashicorp/vault
+
+
+## Getting Started
+
+This is a [Vault plugin](https://www.vaultproject.io/docs/internals/plugins.html)
+and is meant to work with Vault. This guide assumes you have already installed Vault
+and have a basic understanding of how Vault works.
+
+Otherwise, first read this guide on how to [get started with Vault](https://www.vaultproject.io/intro/getting-started/install.html).
+
+To learn specifically about how plugins work, see documentation on [Vault plugins](https://www.vaultproject.io/docs/internals/plugins.html).
+
+### Usage
+
+Please see [documentation for the plugin](https://www.vaultproject.io/docs/auth/gcp.html)
+on the Vault website.
+
+This plugin is currently built into Vault and by default is accessed
+at `auth/gcp`. To enable this in a running Vault server:
+
+```sh
+$ vault auth-enable 'gcp'
+Successfully enabled 'gcp' at 'gcp'!
+```
+
+To see all the supported paths, see the [GCP auth backend docs](https://www.vaultproject.io/docs/auth/gcp.html).
+
+## Developing
+
+If you wish to work on this plugin, you'll first need
+[Go](https://www.golang.org) installed on your machine
+(version 1.8+ is *required*).
+
+For local dev first make sure Go is properly installed, including
+setting up a [GOPATH](https://golang.org/doc/code.html#GOPATH).
+Next, clone this repository into
+`$GOPATH/src/github.com/hashicorp/vault-gcp-auth-plugin`.
+You can then download any required build tools by bootstrapping your
+environment:
+
+```sh
+$ make bootstrap
+```
+
+To compile a development version of this plugin, run `make` or `make dev`.
+This will put the plugin binary in the `bin` and `$GOPATH/bin` folders. `dev`
+mode will only generate the binary for your platform and is faster:
+
+```sh
+$ make
+$ make dev
+```
+
+Put the plugin binary into a location of your choice. This directory
+will be specified as the [`plugin_directory`](https://www.vaultproject.io/docs/configuration/index.html#plugin_directory)
+in the Vault config used to start the server.
+
+```json
+...
+plugin_directory = "path/to/plugin/directory"
+...
+```
+
+Start a Vault server with this config file:
+```sh
+$ vault server -config=path/to/config.json ...
+...
+```
+
+Once the server is started, register the plugin in the Vault server's [plugin catalog](https://www.vaultproject.io/docs/internals/plugins.html#plugin-catalog):
+
+```sh
+$ vault write sys/plugins/catalog/mygcpplugin \
+ sha_256= \
+ command="vault-plugin-auth-gcp"
+...
+Success! Data written to: sys/plugins/catalog/mygcpplugin
+```
+
+Note you should generate a new sha256 checksum if you have made changes
+to the plugin. Example using openssl:
+
+```sh
+openssl dgst -sha256 $GOPATH/vault-plugin-gcp-auth
+...
+SHA256(.../go/bin/vault-plugin-auth-gcp)= 896c13c0f5305daed381952a128322e02bc28a57d0c862a78cbc2ea66e8c6fa1
+```
+
+Any name can be substituted for the plugin name "mygcpplugin". This
+name will be referenced in the next step, where we enable the auth
+plugin backend using the GCP auth plugin:
+
+```sh
+$ vault auth-enable -plugin-name='mygcpplugin' -path='gcp' plugin
+...
+
+Successfully enabled 'plugin' at 'gcp'!
+```
+
+### Testing
+
+To run tests, type `make test`. Note: this requires Docker to be installed. If
+this exits with exit status 0, then everything is working!
+
+```sh
+$ make test
+...
+```
+
+If you're developing a specific package, you can run tests for just that
+package by specifying the `TEST` variable. For example below, only
+`vault` package tests will be run.
+
+```sh
+$ make test TEST=./vault
+...
+```
+
+#### Acceptance Tests
+
+This plugin has comprehensive [acceptance tests](https://en.wikipedia.org/wiki/Acceptance_testing)
+covering most of the features of this auth backend.
+
+If you are developing this plugin and want to verify it is still
+functioning (and you haven't broken anything else), we recommend
+running the acceptance tests.
+
+Acceptance tests typically require other environment variables to be set for
+things such as access keys. The test itself should error early and tell
+you what to set, so it is not documented here.
+
+**Warning:** The acceptance tests create/destroy/modify *real resources*,
+which may incur real costs in some cases. In the presence of a bug,
+it is technically possible that broken backends could leave dangling
+data behind. Therefore, please run the acceptance tests at your own risk.
+At the very least, we recommend running them in their own private
+account for whatever backend you're testing.
+
+To run the acceptance tests, invoke `make testacc`:
+
+```sh
+$ make testacc
+```
+
+You can also specify a `TESTARGS` variable to filter tests like so:
+
+```sh
+$ make testacc TESTARGS='--run=TestConfig'
+```
diff --git a/vendor/github.com/hashicorp/vault-plugin-auth-gcp/main.go b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/main.go
new file mode 100644
index 0000000000..1c70b2788e
--- /dev/null
+++ b/vendor/github.com/hashicorp/vault-plugin-auth-gcp/main.go
@@ -0,0 +1,27 @@
+package main
+
+import (
+ gcpbackend "github.com/hashicorp/vault-plugin-auth-gcp/plugin"
+ "github.com/hashicorp/vault/helper/pluginutil"
+ "github.com/hashicorp/vault/logical/plugin"
+ "log"
+ "os"
+)
+
+func main() {
+ apiClientMeta := &pluginutil.APIClientMeta{}
+ flags := apiClientMeta.FlagSet()
+ flags.Parse(os.Args)
+
+ tlsConfig := apiClientMeta.GetTLSConfig()
+ tlsProviderFunc := pluginutil.VaultPluginTLSProvider(tlsConfig)
+
+ err := plugin.Serve(&plugin.ServeOpts{
+ BackendFactoryFunc: gcpbackend.Factory,
+ TLSProviderFunc: tlsProviderFunc,
+ })
+ if err != nil {
+ log.Println(err)
+ os.Exit(1)
+ }
+}
diff --git a/vendor/vendor.json b/vendor/vendor.json
index e8b8b4f638..d91960b89b 100644
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -1040,17 +1040,23 @@ "revision": "bbeddf0b3ab3072a60525afbd6b6f47d33839eee", "revisionTime": "2017-07-14T18:26:01Z" }, + { + "checksumSHA1": "0+GdkCbe9GplobPLWizCNqhntbU=", + "path": "github.com/hashicorp/vault-plugin-auth-gcp", + "revision": "6d78c24a995a2df3188ca891db068fbecbc69262", + "revisionTime": "2017-09-05T14:51:27Z" + }, { "checksumSHA1": "UsbYUscv6YGOBS7qNcCr3mVwuX8=", "path": "github.com/hashicorp/vault-plugin-auth-gcp/plugin", - "revision": "1b25f3546a463fbfac29a932ba144a62485f300c", - "revisionTime": "2017-08-16T04:25:34Z" + "revision": "6d78c24a995a2df3188ca891db068fbecbc69262", + "revisionTime": "2017-09-05T14:51:27Z" }, { "checksumSHA1": "2Fk5xIPOoKD4Of9cUIQPKXb2htg=", "path": "github.com/hashicorp/vault-plugin-auth-gcp/plugin/util", - "revision": "1b25f3546a463fbfac29a932ba144a62485f300c", - "revisionTime": "2017-08-16T04:25:34Z" + "revision": "6d78c24a995a2df3188ca891db068fbecbc69262", + "revisionTime": "2017-09-05T14:51:27Z" }, { "checksumSHA1": "ZhK6IO2XN81Y+3RAjTcVm1Ic7oU=",