Google Cloud Platform1.18 млн
Опубликовано 18 мая 2022, 17:11
Workload Identity How-To → goo.gle/3PvGkC0
Do you want your GKE workloads to interact with Google Cloud APIs in a safe and secure way? In this video we will show you how to enable and configure Workload Identity to have your workloads impersonate Identity and Access Management service accounts. You can use these same service accounts to configure access to Google Cloud APIs such as Compute Engine API, BigQuery Storage API, or Machine Learning APIs without compromising security. So any privileges your service accounts have been given your GKE workloads will have too! Watch to learn how to enable Workload Identity on your GKE cluster configure your apps to use it.
Chapters:
0:00 - Intro
0:37 - Enable Workload identity for GKE cluster in the Cloud Console
1:17 - Identify the service account used by the workload
1:41 - Update node pool to use Workload Identity
2:05 - Create a Google Service Account (GSA) and bind it with Kubernetes Service Account (KSA)
2:35 - Update KSA to use GSA
2:53 - Verify the workload is using Google service account
3:09 - Wrap Up
Subscribe to GCP Support Shorts → goo.gle/3pdzpl9
Subscribe to Google Cloud Tech → goo.gle/GoogleCloudTech
#GCPSupportShorts
Do you want your GKE workloads to interact with Google Cloud APIs in a safe and secure way? In this video we will show you how to enable and configure Workload Identity to have your workloads impersonate Identity and Access Management service accounts. You can use these same service accounts to configure access to Google Cloud APIs such as Compute Engine API, BigQuery Storage API, or Machine Learning APIs without compromising security. So any privileges your service accounts have been given your GKE workloads will have too! Watch to learn how to enable Workload Identity on your GKE cluster configure your apps to use it.
Chapters:
0:00 - Intro
0:37 - Enable Workload identity for GKE cluster in the Cloud Console
1:17 - Identify the service account used by the workload
1:41 - Update node pool to use Workload Identity
2:05 - Create a Google Service Account (GSA) and bind it with Kubernetes Service Account (KSA)
2:35 - Update KSA to use GSA
2:53 - Verify the workload is using Google service account
3:09 - Wrap Up
Subscribe to GCP Support Shorts → goo.gle/3pdzpl9
Subscribe to Google Cloud Tech → goo.gle/GoogleCloudTech
#GCPSupportShorts