How to enable and configure Workload Identity

Опубликовано 18 мая 2022, 17:11

Workload Identity How-To → goo.gle/3PvGkC0

Do you want your GKE workloads to interact with Google Cloud APIs in a safe and secure way? In this video we will show you how to enable and configure Workload Identity to have your workloads impersonate Identity and Access Management service accounts. You can use these same service accounts to configure access to Google Cloud APIs such as Compute Engine API, BigQuery Storage API, or Machine Learning APIs without compromising security. So any privileges your service accounts have been given your GKE workloads will have too! Watch to learn how to enable Workload Identity on your GKE cluster configure your apps to use it.

Chapters:
0:00 - Intro
0:37 - Enable Workload identity for GKE cluster in the Cloud Console
1:17 - Identify the service account used by the workload
1:41 - Update node pool to use Workload Identity
2:05 - Create a Google Service Account (GSA) and bind it with Kubernetes Service Account (KSA)
2:35 - Update KSA to use GSA
2:53 - Verify the workload is using Google service account
3:09 - Wrap Up

Subscribe to GCP Support Shorts → goo.gle/3pdzpl9
Subscribe to Google Cloud Tech → goo.gle/GoogleCloudTech

#GCPSupportShorts