Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compatibility with GKE Workload Identity #23

Open
NealeGrant opened this issue Jun 11, 2021 · 0 comments
Open

Compatibility with GKE Workload Identity #23

NealeGrant opened this issue Jun 11, 2021 · 0 comments
Labels
enhancement New feature or request

Comments

@NealeGrant
Copy link

I deployed this in a cluster with Workload Identity enabled but got a permissions error when I tried to publish to a topic that the associated service account had permissions for.

By explicitly creating a key for the service account and providing it as the json_key_file (as I would do in a cluster without Workload Identity) it worked, so I don't think there was anything wrong with the permissions themselves, just that the plugin isn't "Workload Identity-aware".

The workaround is simple so the impact is just a little extra work to get it up and running and some extra kubernetes cruft in our terraform for provisioning the cluster, which was a shame because Workload Identity had previously done away with that.
@NealeGrant NealeGrant added the enhancement New feature or request label Jun 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@NealeGrant