Secured way to authenticate GCP account in GitLab


I have started using GitLab newly and is now using ci/cd feature for building resources on GCP account. I am currently searching for a secured way to authenticate GCP

I see, there are two ways available right now, authenticating with username/pwd or providing JSON key for GCP Service account in GitLabs settings. But both of these are not possible/allowed for larger organizations. Is there any other safe way to authenticate GCP ?