GKE Workload Identity Automated with Kubes: Confirm with gcloud

GKE Workload Identity Automated with Kubes: Confirm with gcloud

August 18, 2022

Tags:

gke kubes google kubernetes

GKE Workload Identity is a way to associated a Google Service Account with a Kubernetes Service Account.

Google Service Account <=> Kubernetes Service Account
GSA <=> KSA

In this video, we'll automate the entire process of creating both the GSA and KSA and binding the 2 together. We'll use the Kubes toosl to do this. We'll use Kubes Hooks to create the Google Service Account: https://kubes.guru/docs/helpers/google/service-account/

We'll confirm everything is working with the gcloud command.

Useful Commands

gcloud iam service-accounts get-iam-policy SERVICE_ACCOUNT@GOOGLE_PROJECT.iam.gserviceaccount.com

Links

Terraspace Google Cloud

1h 12m

1. Getting Started

9:50
2. Network with google_compute_network

8:16
3. Network with Registry

5:11
4. VM with google_compute_instance

6:21
5. Variables with Secret Manager

6:33
6. CloudSQL Database with google_sql_database_instance

3:57
7. Managed Instance Group with Registry

6:26
8. GKE Cluster with google_container_cluster

10:11
9. GKE Cluster with Registry

15:43

Google GKE Kubes

1h 17m

1. Kubes Intro

11:01
2. Kubes Intro

10:34
3. Ingress: External Load Balancer

11:41
4. Ingress: External Load Balancer with Secrets YAML

8:08
5. Ingress: External Load Balancer with Cert Tool

16:29
6. Ingress: External Load Balancer

20:06

Get full access to these great resources

All for less than the price of coffee a day

44 courses

286 lessons

46+ hours

Get started with BoltOps Learn now and get access to easy and powerful lessons

Get started with BoltOps Learn

BoltOps Tools

Terraspace: The Terraform Framework

It provides an organized structure, conventions over configurations, keeps your code DRY, and adds convenient tooling. Terraspace makes working with Terraform easier and more fun.
Jets: The Ruby Serverless Framework

Ruby on Jets allows you to create and deploy serverless services with ease, and to seamlessly glue AWS services together with the most beautiful dynamic language: Ruby. It includes everything you need to build an API and deploy it to AWS Lambda. Jets leverages the power of Ruby to make serverless joyful for everyone.
AWS CodeBuild Tool

Cody is a AWS CodeBuild management tool. Cody simplifies creating and managing AWS CodeBuild projects. Comes with a powerful DSL.
Lono: The CloudFormation Framework

Building infrastructure-as-code is challenging. Lono makes it much easier and fun. It includes everything you need to manage and deploy infrastructure-as-code.
Kubes: Kubernetes Deployment Tool

Kubes is a Kubernetes Deployment Tool. It builds the docker image, creates the Kubernetes YAML, and runs kubectl apply. It automates the deployment process and saves you precious finger-typing energy.