I made another video using the google-github-action/auth kzitem.info/news/bejne/mpuVqK2IrZGfdpg
@antonpopov3650
Жыл бұрын
This has been extremely useful. I am using this knowledge to put together a PoC to solve an important problem at work. The quality of production is amazing. Thank you Anto!
@OutOfDevOps
Жыл бұрын
Glad you found it useful. Thank you so much!!!
@arcangeloguerriero8206
Жыл бұрын
❤
@davidgomez3213
Жыл бұрын
Amazing! Thanks !
@gokulap
Жыл бұрын
Hello, I need to use this workload identity on any of my github org repos, how can i allow only my github org repos to use this workload identity while other repos outside of it should not be able to access it
@OutOfDevOps
Жыл бұрын
Hi Gokul, I made another video where I use the Google Auth GitHub action here: kzitem.info/news/bejne/mpuVqK2IrZGfdpg I recommend to watch the entire video but in part four I show the configuration on the Google side, the bit you are interested in is where I use the workflow_ref. You can also use other claims from the token as documented here docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token, the one specific for the GitHub org is repository_owner. Hope this helps.
@gokulap
Жыл бұрын
@@OutOfDevOps Thank you so much
@gokulap
Жыл бұрын
Hi, can you make a video on implementing the kubernetes with workload identity pls ?
@OutOfDevOps
Жыл бұрын
Hi Gokul, I will work on it soon. Thanks for the suggestion.
@OutOfDevOps
Жыл бұрын
Just published this: GKE Workload Identity Example: Use Workload Identity in GKE to fetch data from Google Cloud Storage. kzitem.info/news/bejne/xHuGtmdpjJV-Zqg
@edarha7183
Жыл бұрын
i tried follow your instruction, configuring attribute mapping, but I still get the error: my SA doesn't have permission.
@OutOfDevOps
Жыл бұрын
I made another video using the google-github-action/auth kzitem.info/news/bejne/mpuVqK2IrZGfdpg hope it helps
@84Jasbir
Жыл бұрын
Hi does this service account also needs role as Service Account Token Creator? test-wif-sa
Пікірлер: 14