AWS to GCP sans service account keys!! - Workload Identity Federation

  • Published on 4 Sep 2021
  • Connect your application running inside AWS to GCP without using service account keys.
    cloud.google.com/iam/docs/wor...
    arn:aws:sts::[aws-accnt-number]:assumed-role/[ec2-iam-role]
  • Science & Technology

Comments • 45

  • @abrahamrohithroy7421 1 year ago

    Yes, this worked flawlessly. Awesome!

  • @jagdishbelapure7521 4 months ago

    This is an awesome explanation, thank you for the video!

  • @arunabhamittra8652 2 years ago +5

    Happy Teacher's Day GK Sir !!!!! Thank you for enriching our lives !

    • @CloudAdvocate 2 years ago

      Thank you Arunabha!! Wish you the same 🙂

  • @shukrilius 1 year ago

    Thank You for this useful video 👍

  • @MaheshVelicheti 2 years ago

    Happy Teachers day Cloud Guru.

  • @TheBest-ev3lm 7 months ago +2

    Do you have a Terraform Script to perform the above?

  • @shwetagairos 2 years ago

    Hi GK, thank you for making these videos. You are my favorite.
    You did not show us the policy you attached to AWS instances. Would have been helpful.

    • @shukrilius 1 year ago

      You can just create a new IAM Role and it is not necessary to add any permission. I created an empty role, attached it to an EC2 and it worked.
      You can also use the first option from the WIF Granting Access section and not "bind" it to any EC2/role, as he used in this video.
      It works also 😊👍

  • @su-1337 2 years ago

    You are amazing, you are one of few notepad++ IT guys left 😂

  • @VivekYadav-iy5os 2 years ago

    Sir, first of all you are an inspiring person. Now my question is: I am a db2dba (luw), how to shift to cloud, or can you suggest any pathway step by step to achieve my goal?

  • @lipaacharjee9083 2 years ago

    Hello GK, I am not from IT background, shall I go for Cloud technology, I want to learn

  • @MrStark-kb7tc 2 years ago

    Hi, did you use the application default credentials method with WIF?

  • @gobindasaluja2097 2 years ago

    Will we be able to use gcloud commands on the EC2 instance after all these steps?

  • @mallikarjuna7624 2 years ago

    Hi sir, are the buckets created in GCP or on the EC2 instance?

  • @Ryan-Gordon 1 year ago

    Would this be possible to use with the gmail api? We need to be able to define "with_subject"

  • @logicstv 1 year ago

    Can this be scoped to a specific gcp project rather than Org?

  • @chaitanyakrishna5873 2 years ago

    First like... I am ready

  • @hardikmittal5740 2 years ago

    Can you pls create a video on workload identity to access inside google cloud kubernetes without RBAC roles?!!

  • @stkmgr00 1 year ago

    Hi GK, thanks for the great video, it's really helpful.
    One question about the Python program you used to list GCP buckets. What is this "GOOGLE_CLOUD_PROJECT" and the value you assigned?

    • @shukrilius 1 year ago

      "GOOGLE_CLOUD_PROJECT" refers to GCP Project ID.

  • @shivakumarnaidu 2 years ago

    Sir where can I personally chat with u??? Regarding my case

  • @benw305 2 years ago

    You have to leave an EC2 instance running on AWS?

  • @mynameishappy7126 2 years ago

    Excellent..waiting for this... can we do this between onprem cluster and gcp? Could you prepare a demo on that

    • @CloudAdvocate 2 years ago +1

      You need Identity from onprem. If your onprem vm is part of ldap maybe it is possible. I haven't tried it though.

    • @mynameishappy7126 2 years ago

      @CloudAdvocate thanks for the reply... will try from my end... all the best...

  • @ArulThangaRaja 3 months ago

    how to authenticate gcloud using aws temporary terminal credentials

  • @adapasrnsdurgarao9342 2 years ago

    Hi GK, I took a 3-year gap after my graduation (computer science engineering) and I don't have any experience before. Now I'm going to learn about cloud, but I'm confused about which one to pick and which certificate is beneficial for me to start a career in cloud. Please suggest, GK.

    • @CloudAdvocate 2 years ago

      Pick any one cloud and start with a fundamental certification or an associate-level certification.

  • @ManishSingh-ll4ws 1 year ago

    Can we see gk-ec2-role-instance details ?

    • @shukrilius 1 year ago +1

      You can just create a new IAM Role and it is not necessary to add any permission. I created an empty role, attached it to an EC2 and it worked.
      You can also use the first option from the WIF Granting Access section and not "bind" it to any EC2/role, as he used in this video.
      It works also 😊👍

  • @saiteju8169 1 year ago

    GK, if possible could you make a video on using workload identity with a GitHub OIDC token? I wanted to remove SA keys from my GitHub Actions, so this can be a best fit 😊

    • @CloudAdvocate 1 year ago

      Dude you read my mind. I will create that

    • @saiteju8169 1 year ago

      @CloudAdvocate thanks a lot 😁

    • @CloudAdvocate 1 year ago

      th-cam.com/video/zRF5uTWXV8Y/w-d-xo.html there you go

  • @mallikarjuna7624 2 years ago

    Where you created the buckets ??

  • @SKWonderWanderer 1 year ago

    Hey bro, it's not working and I'm getting a permission denied error while running sample.py.
    Please help!!

    • @shukrilius 1 year ago

      In my case it was necessary to specify the "Absolute Path" for the credentials file. Give it a try!

  • @karthimt1306 2 years ago

    Hello sir. How can I contact you, bro? I want some guidance, please help me bro. 🥺 I texted you on Instagram.

    • @CloudAdvocate 2 years ago

      Sorry, I will check the text on insta.

    • @OutOfDevOps 2 years ago

      @CloudAdvocate thank you for the amazing content you produce. How would it be possible to contact you?