Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for GKE Workload Identity #1324

Closed
nicolas-g opened this issue Mar 23, 2022 · 4 comments
Closed

Support for GKE Workload Identity #1324

nicolas-g opened this issue Mar 23, 2022 · 4 comments
Labels
enhancement frozen
Projects
Kanister

Comments

@nicolas-g
Copy link

Is your feature request related to a problem? Please describe.

Right now I only see the option to create secrets manually that needs to be added to the Profile.
Creating secrets is not a good practice since they can expire and require manual rotation.

Describe the solution you'd like
Will be great if Kanister can support GKE workload identity.

https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity
https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity

Environment
Storage Provider: GCP/GCS

Additional context
This is similar to AWS IRSA, or 'IAM Roles for Service Accounts' which I also think is not by supported Kanister but correct me if I'm wrong.
@shuguet shuguet added this to To do in Kanister via automation Mar 23, 2022
@ihcsim ihcsim added the triage label Mar 23, 2022
@ihcsim ihcsim moved this from Qualified Backlog to To Be Triaged in Kanister Mar 30, 2022
@ihcsim ihcsim moved this from To Be Triaged to Qualified Backlog in Kanister Mar 30, 2022
@ihcsim ihcsim removed the triage label Mar 30, 2022
@ihcsim
Copy link
Contributor

ihcsim commented Mar 30, 2022

@nicolas-g Sorry for the late response. AIUI, to get Kanister to work with Workload Identity, it's just a matter of annotating the Kanister's service account with your IAM service account, right? We recently merged #1248 that let you do that. PTAL to see if that resolves your issue. Thanks.

@ngeorgakopoulos-deloitte
Copy link

I will give it a try as soon as I can, @ihcsim thank you for getting back to me.

@github-actions
Copy link
Contributor

github-actions bot commented Jun 8, 2022

This issue is marked as stale due to inactivity. Add a new comment to reactivate it.

@github-actions github-actions bot added the stale label Jun 8, 2022
@github-actions
Copy link
Contributor

github-actions bot commented Jul 8, 2022

This issue is closed due to inactivity. Feel free to reopen it, if it's still relevant.

@github-actions github-actions bot added the rotten label Jul 8, 2022
@github-actions github-actions bot closed this as completed Jul 8, 2022
Kanister automation moved this from Qualified Backlog to Done Jul 8, 2022
@GeekYiwen GeekYiwen mentioned this issue Feb 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement frozen
Projects
Kanister
Done
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ihcsim @nicolas-g @pavannd1 @ngeorgakopoulos-deloitte