GCP - Workload Identity Federation - Access GCS Bucket From AWS Lambda Function
ฝัง
- เผยแพร่เมื่อ 29 เม.ย. 2021
- In this tutorial, you will learn how to access Google Cloud Storage (GCS) bucket from AWS Lambda function using Workload Identity Federation. With identity federation, you can use Identity and Access Management (IAM) to grant external identities IAM roles, including the ability to impersonate service accounts. This lets you access resources directly, using a short-lived access token, and eliminates the maintenance and security burden associated with service account keys.
- วิทยาศาสตร์และเทคโนโลยี
Keep uploading more videos on gcp IAM , database , monitoring and logging please
Thank you so much for this video. While my situation is fairly different, this was still super helpful. I'm actually working with trying to find a way to connect Bitbucket Pipelines with GCP, however, the missing component for me ended up ultimately being this command: *gcloud iam workload-identity-pools create-cred-config* . That was the missing piece for me since I couldn't quite figure out how the application was going to authenticate with GCP if it didn't have a key file (y'know, via the typical "gcloud auth activate-service-account..." command). The extra step here was to use that command to instead generate a credential *configuration* file that you can point to instead for logging in (usually via the GOOGLE_APPLICATION_CREDENTIALS environment variable instead), which you can do once already have an OIDC token (which Pipelines will give you once all the other stuff is setup). 🎉
Great work!. Kindly upload more concepts
Brilliant 👏.. thank you very much
how can we achieve the same for workload running in EKS, I need to access GCS bucket from EKS pods
THanks for video .. can you please make video on workload identity federation access GCS bucket from GITHUB repo
thank you
Great!!
Well explained!!,
Where we can find the used commands?
Great! Can you share the Git link for the py code?