Uploaded image for project: 'Secret Store CSI for Red Hat OpenShift'
  1. Secret Store CSI for Red Hat OpenShift
  2. SSCSI-21

Explore GCP Secrets Store Provider configuration with WIF Identity instead of Service Accounts

XMLWordPrintable

    • Icon: Spike Spike
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • 5
    • False
    • Hide

      None

      Show
      None
    • False
    • OAPE Sprint 268, OAPE Sprint 269, OAPE Sprint 270
    • 3

      SS-CSI documentation about mounting secrets from Google Secret Manager makes use of service accounts for Provider->Secret Manager authentication.

      It would be good to check if the mounting of secrets can also be achieved with WIF authentication as WIF is preferred over Google Service account.

      Acceptance criterion:
      Steps to setup GCP Secret Provider -> Google Secret Manager integration with WIF.

      If the integration cannot be achieved out of the box, document the reasons for failure and any alternatives/changes needed to get it working.

      Issues faced when using any non-default audience in the WIF token.

       

              rh-ee-smuley Shivprakash Muley
              rh-ee-mykastur Mytreya Kasturi
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: