[GEP-26] Support workload identity tokens for cloud provider CLIs #406

Open
petersutter opened this issue Mar 11, 2024 · 0 comments
Labels
component/gardenctl Gardener CLI kind/enhancement Enhancement, improvement, extension lifecycle/stale Nobody worked on this for 6 months (will further age)

Comments

@petersutter
Member

What would you like to be added:
With GEP-26, a new WorkloadIdentity resource is introduced. This resource is comparable to ServiceAccounts, for which tokens can be requested by creating a security.gardener.cloud/v1alpha1.TokenRequest. This is similar to the TokenRequest API for service accounts.

It should be possible to request such tokens via gardenctl to configure the cloud provider CLIs. This is similar to how it is currently done with the provider-env command, which uses the static cloud infrastructure credentials stored as secrets in the garden cluster.

Why is this needed:

@petersutter petersutter added component/gardenctl Gardener CLI kind/enhancement Enhancement, improvement, extension labels Mar 11, 2024
@gardener-robot gardener-robot added the lifecycle/stale Nobody worked on this for 6 months (will further age) label Nov 18, 2024