Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support kubernetes workload identity #3

Open
testower opened this issue Mar 24, 2023 · 1 comment
Open

Support kubernetes workload identity #3

testower opened this issue Mar 24, 2023 · 1 comment

Comments

@testower
Copy link

When using kubernetes workload identity service account, there is no credentials file mounted in the container, however there is the option to mount the service account token: automountServiceAccountToken. This looks like a JWT belonging to the application's workload identity service account.

It therefore seems possible to have the option to use this JWT directly instead of constructing one from the credentials file.

Does this seem plausible to you?
@testower testower mentioned this issue Mar 24, 2023
Closed
@testower
Copy link
Author

testower commented Mar 25, 2023
edited
Loading

After digging some more I have found the correct way to authenticate using workload identity, which is to retrieve the token from the metadata server. See PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@testower