Skip to content

Support Application Default Credentials or Workload Identity when running in GCP #311

Open
#1639
Open
Support Application Default Credentials or Workload Identity when running in GCP#311
#1639
Assignees
ahmadnurus
Labels
help wantedDenotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.kind/featureCategorizes issue or PR as related to a new feature.lifecycle/frozenIndicates that an issue or PR should not be auto-closed due to staleness.
@colinman

Description

@colinman
colinman
opened on Jul 30, 2020

/kind feature

Describe the solution you'd like

Exporting service account credentials and storing in K8S secret store introduces an unnecessary secret and potential point of compromise if the cluster API provider is running inside GCP.

In this case, the provider should first look for Application Default Credentials or use workload identity before requiring service account credential keys.

Metadata

Metadata

Assignees

Labels

help wantedDenotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.kind/featureCategorizes issue or PR as related to a new feature.lifecycle/frozenIndicates that an issue or PR should not be auto-closed due to staleness.

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions