Documentation
Overview
Package identity contains the identity reconciler.
Constants
const (
	Role = "roles/iam.workloadIdentityUser"
)
Variables
This section is empty.
Functions
Types
type Identity
type Identity struct {
	// contains filtered or unexported fields
}
func NewIdentity
func (*Identity) DeleteWorkloadIdentity
func (i *Identity) DeleteWorkloadIdentity(ctx context.Context, projectID string, identifiable duck.Identifiable) error
DeleteWorkloadIdentity removes the IAM policy binding between the k8s service account and its corresponding GCP service account, but only if the k8s service account has exactly one ownerReference.
func (*Identity) ReconcileWorkloadIdentity
func (i *Identity) ReconcileWorkloadIdentity(ctx context.Context, projectID string, identifiable duck.Identifiable) (*corev1.ServiceAccount, error)
ReconcileWorkloadIdentity creates a k8s service account, adds an ownerReference to it, and adds an IAM policy binding between this k8s service account and its corresponding GCP service account.
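The ownerReference check is what keeps a k8s service account shared by several resources from losing its binding while another owner still depends on it. The following is an added in-memory sketch of that lifecycle, not this package's code: the types ksa and policy, the functions reconcile and release, and all sample names are hypothetical, and the member string uses the principal format GKE Workload Identity defines for a k8s service account.

```go
package main

import "fmt"
// Role is the constant documented on this page.
const Role = "roles/iam.workloadIdentityUser"

// ksa and policy are hypothetical in-memory stand-ins, not the package's types.
type ksa struct {
	Namespace, Name string
	Owners          []string // one entry per ownerReference
}
type policy map[string][]string // role -> members

// member is the IAM principal GKE Workload Identity uses for a KSA.
func member(projectID string, sa *ksa) string {
	return fmt.Sprintf("serviceAccount:%s.svc.id.goog[%s/%s]", projectID, sa.Namespace, sa.Name)
}

func without(list []string, v string) []string {
	out := []string{}
	for _, s := range list {
		if s != v {
			out = append(out, s)
		}
	}
	return out
}

// reconcile records the owner and ensures the binding exists exactly once.
func reconcile(p policy, projectID string, sa *ksa, owner string) {
	sa.Owners = append(without(sa.Owners, owner), owner)
	p[Role] = append(without(p[Role], member(projectID, sa)), member(projectID, sa))
}

// release removes the binding only for the sole owner (dropping the reference otherwise is assumed).
func release(p policy, projectID string, sa *ksa, owner string) bool {
	sole := len(sa.Owners) == 1 && sa.Owners[0] == owner
	sa.Owners = without(sa.Owners, owner)
	if sole {
		p[Role] = without(p[Role], member(projectID, sa))
	}
	return sole
}

func main() {
	p, sa := policy{}, &ksa{Namespace: "default", Name: "events-sa"} // constructed values
	reconcile(p, "my-project", sa, "source-a")
	reconcile(p, "my-project", sa, "source-b")
	fmt.Println(release(p, "my-project", sa, "source-a"), release(p, "my-project", sa, "source-b"), p[Role])
}
```

When auditing a project, any member of this form left under the role with no matching k8s service account is a stale grant worth removing.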