GKE Workload Identity Automated with Kubes: Spring Boot, PostgreSQL

GKE Workload Identity Automated with Kubes: Spring Boot, PostgreSQL

August 17, 2022

GKE Workload Identity is a way to associated a Google Service Account with a Kubernetes Service Account.

Google Service Account <=> Kubernetes Service Account
GSA <=> KSA

In this video, we'll automate the entire process of creating both the GSA and KSA and binding the 2 together. We'll use the Kubes toosl to do this. We'll use Kubes Hooks to create the Google Service Account: https://kubes.guru/docs/helpers/google/service-account/

We'll do this with a Spring Boot demo application that connects a CloudSQL PostgreSQL database.

Useful Commands

gcloud iam service-accounts get-iam-policy SERVICE_ACCOUNT@GOOGLE_PROJECT.iam.gserviceaccount.com

Links

Explore lesson as part of a learning path

Get full access to these great resources

All for less than the price of coffee a day

44 courses
286 lessons
46+ hours

Get started with BoltOps Learn now and get access to easy and powerful lessons

BoltOps Tools