GKE Workload Identity Automated with Kubes: Confirm with gcloud

GKE Workload Identity Automated with Kubes: Confirm with gcloud

August 18, 2022

GKE Workload Identity is a way to associated a Google Service Account with a Kubernetes Service Account.

Google Service Account <=> Kubernetes Service Account
GSA <=> KSA

In this video, we'll automate the entire process of creating both the GSA and KSA and binding the 2 together. We'll use the Kubes toosl to do this. We'll use Kubes Hooks to create the Google Service Account: https://kubes.guru/docs/helpers/google/service-account/

We'll confirm everything is working with the gcloud command.

Useful Commands

gcloud iam service-accounts get-iam-policy SERVICE_ACCOUNT@GOOGLE_PROJECT.iam.gserviceaccount.com

Links

Kubernetes Deploy Tools
48m

Get full access to these great resources

All for less than the price of coffee a day

38 courses
274 lessons
44+ hours

Get started with BoltOps Learn now and get access to easy and powerful lessons

BoltOps Tools