Workload Identity

WorkloadIdentity represents a platform-specific identity of a workload joining the mesh.

E.g.,

AWS EC2 instance identity:

aws:
  partition: aws
  account: '123456789012'
  region: ca-central-1
  zone: ca-central-1b
  ec2:
    instance_id: i-1234567890abcdef0
    iam_role:
      name: example-role

GCP GCE instance identity:

gcp:
  project_number: '234567890121'
  project_id: gcp-example
  region: us-central1
  zone: us-central1-a
  gce:
    instance_id: '693197132356332126'

Azure Compute instance identity:

azure:
  subscription: 531bed28-f708-4fc5-b0c1-2c1edde46e4f
  resource_group: azure-example
  compute:
    instance_id: fc13d26e-d3c0-458e-b353-686d5ca19506

JWT identity:

jwt:
  issuer: https://mycompany.corp
  subject: us-east-datacenter1-vm007
  attributes:
    region: us-east
    datacenter: datacenter1
    instance_name: vm007
    instance_hostname: vm007.internal.corp
    instance_role: app-ratings

WorkloadIdentity

WorkloadIdentity represents a platform-specific identity of a workload joining the mesh.

Field	Description	Validation Rule
aws	tetrateio.api.onboarding.config.types.identity.aws.v1alpha1.AwsIdentity ^{oneof kind} `AWS`-specific identity of a workload.	–
jwt	tetrateio.api.onboarding.config.types.identity.jwt.v1alpha1.JwtIdentity ^{oneof kind} `JWT` identity of a workload.	–

TSB

最近更新于 2023-09-19