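---
# Config Connector IAMPolicyMember: binds the Kubernetes service account
# auth-proxy/auth-proxy-sa to the Google service account managed by the
# IAMServiceAccount resource "authproxy", using GKE Workload Identity.
#
# ${cluster_uuid} and ${gcp_project_id} are template placeholders; they must
# be substituted before the manifest is applied. The templated values are
# quoted so the rendered result always parses as a string.
apiVersion: iam.cnrm.cloud.google.com/v1beta1
kind: IAMPolicyMember
metadata:
  name: "${cluster_uuid}-auth-proxy-sa-workload-id"
  namespace: auth-proxy
spec:
  # Principal format: PROJECT_ID.svc.id.goog[K8S_NAMESPACE/K8S_SERVICE_ACCOUNT].
  # NOTE(review): the member string carries no cluster identifier. The
  # workload identity pool is shared by every GKE cluster in the project, so
  # a service account named auth-proxy-sa in an auth-proxy namespace on any
  # of those clusters matches this binding. Control who can create that
  # namespace and service account on each cluster in the project.
  member: "serviceAccount:${gcp_project_id}.svc.id.goog[auth-proxy/auth-proxy-sa]"
  # The binding is attached to this single service account resource rather
  # than to the project, which keeps the impersonation grant narrow.
  resourceRef:
    name: authproxy
    namespace: auth-proxy
    apiVersion: iam.cnrm.cloud.google.com/v1beta1
    kind: IAMServiceAccount
  # Allows the member to impersonate the referenced service account. The
  # Kubernetes service account (not shown here) also needs the
  # iam.gke.io/gcp-service-account annotation naming that account.
  role: roles/iam.workloadIdentityUser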