Skip to content

Using GKE Workload Identity with trident-protect #7

Description

@rlopezl

Hello,

We're considering using Trident Protect as an application backup solution for our GKE clusters.

We've currently installed Trident Protect using Cloud Identity/Workload Identity, using a Google service account with permissions to the Google Cloud NetApp Volumes service, and noting the k8s trident-controller service account so it can impersonate.

We've tried configuring this same method in Trident Protect, but don't see the option. The idea is to avoid using a secret with credentials to connect to the AppVault (backup bucket), like with Trident BackendConfig (when you annotate the trident-controller sa, the block of credentials are not neccesary).

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions