Support Application Default Credentials or Workload Identity when running in GCP #311
Labels
help wanted
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
kind/feature
Categorizes issue or PR as related to a new feature.
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
/kind feature
Describe the solution you'd like
Exporting service account credentials and storing in K8S secret store introduces an unnecessary secret and potential point of compromise if the cluster API provider is running inside GCP.
In this case, the provider should first look for Application Default Credentials or use workload identity before requiring service account credential keys.
The text was updated successfully, but these errors were encountered: