AWS to GCP sans service account keys!! - Workload Identity Federation

12,458 views

Cloud Advocate

Connect your application running inside AWS to GCP without using service account keys.
cloud.google.c...
arn:aws:sts::[aws-accnt-number]:assumed-role/[ec2-iam-role]

Comments: 46
@arunabhamittra8652 3 years ago
Happy Teacher's Day GK Sir !!!!! Thank you for enriching our lives !
@CloudAdvocate 3 years ago
Thank you Arunabha!! Wish you the same 🙂
@TheBest-ev3lm 9 months ago
Do you have a Terraform Script to perform the above?
@AnkiReddyKatha 12 days ago
Hi, awesome explanation with demo. I have a small doubt: how will we maintain the library file for Lambda functions? On your side it's EC2, so you added a file inside the EC2, but for Lambda how can we maintain it? Can you please help me on this ASAP? Thank you
@jagdishbelapure7521 6 months ago
This is an awesome explanation, thank you for the video!
@abrahamrohithroy7421 1 year ago
Yes, this worked flawlessly. Awesome!
@su-1337 3 years ago
You are amazing, you are one of few notepad++ IT guys left 😂
@CloudAdvocate 3 years ago
Lol
@ArulThangaRaja 4 months ago
How to authenticate gcloud using AWS temporary terminal credentials?
@shukrilius 1 year ago
Thank You for this useful video 👍
@MaheshVelicheti 3 years ago
Happy Teachers day Cloud Guru.
@CloudAdvocate 3 years ago
Thank you Mahesh!!!
@shwetagairos 2 years ago
Hi GK, thank you for making these videos. You are my favorite. You did not show us the policy you attached to AWS instances. Would have been helpful.
@shukrilius 1 year ago
You can just create a new IAM Role and it is not necessary to add any permission. I created an empty role, attached it to an EC2 and it worked. You can also use the first option from WIF Granting Access session and do not "bind" it to any EC2/role, as he used in this video. It works also 😊👍
@hardikmittal5740 2 years ago
Can you pls create a video on workload identity to access inside google cloud kubernetes without RBAC roles?!!
@MrStark-kb7tc 2 years ago
Hi, did you use the application default credentials method with WIF?
@VivekYadav-iy5os 3 years ago
Sir, first of all you are an inspiring person. Now my question is: I am a DB2 DBA (LUW), how to shift to cloud, or can u suggest any pathway step by step to achieve my goal?
@Ryan-Gordon 1 year ago
Would this be possible to use with the gmail api? We need to be able to define "with_subject"
@stkmgr00 1 year ago
Hi GK, thanks for the great video, it's really helpful. One question about the Python program you used to list GCP buckets: what is this "GOOGLE_CLOUD_PROJECT" and the value you assigned?
@shukrilius 1 year ago
"GOOGLE_CLOUD_PROJECT" refers to GCP Project ID.
@mallikarjuna7624 2 years ago
Hi sir, are the buckets created in GCP or on the EC2 instance?
@lipaacharjee9083 3 years ago
Hello GK, I am not from IT background, shall I go for Cloud technology, I want to learn
@gobindasaluja2097 2 years ago
Will we be able to use gcloud commands on the EC2 instance after all these steps?
@mynameishappy7126 3 years ago
Excellent..waiting for this... can we do this between onprem cluster and gcp? Could you prepare a demo on that
@CloudAdvocate 3 years ago
You need Identity from onprem. If your onprem vm is part of ldap maybe it is possible. I haven't tried it though.
@mynameishappy7126 3 years ago
@CloudAdvocate thanks for the reply...will try from my end... all the best ...
@logicstv 1 year ago
Can this be scoped to a specific gcp project rather than Org?
@chaitanyakrishna5873 3 years ago
First like... I am ready
@CloudAdvocate 3 years ago
It's special CK!
@shivakumarnaidu 3 years ago
Sir where can I personally chat with u??? Regarding my case
@benw305 2 years ago
You have to leave an EC2 instance running on AWS?
@saiteju8169 1 year ago
GK, if possible could you make a video on using workload identity with the GitHub OIDC token? I wanted to remove SA keys from my GitHub Actions, so this can be a best fit 😊
@CloudAdvocate 1 year ago
Dude you read my mind. I will create that
@saiteju8169 1 year ago
@CloudAdvocate thanks a lot 😁
@CloudAdvocate 1 year ago
kzbin.info/www/bejne/sIOpZqiKjL2Jbrs there you go
@mallikarjuna7624 2 years ago
Where did you create the buckets?
@CloudAdvocate 2 years ago
GCP
@ManishSingh-ll4ws 1 year ago
Can we see gk-ec2-role-instance details ?
@shukrilius 1 year ago
You can just create a new IAM Role and it is not necessary to add any permission. I created an empty role, attached it to an EC2 and it worked. You can also use the first option from WIF Granting Access session and do not "bind" it to any EC2/role, as he used in this video. It works also 😊👍
@adapasrnsdurgarao9342 3 years ago
Hi GK, I took a 3-year gap after my graduation (computer science engineering) and I don't have any experience before. Now I'm going to learn about cloud, but I'm in a confused state about which one to pick and which certificate is beneficial to me to start a career in cloud. Please suggest, GK
@CloudAdvocate 3 years ago
Pick any one cloud and start with a fundamental certification or an associate-level certification.
@SKWonderWanderer 2 years ago
Hey bro, it's not working and I'm getting a permission denied error while running sample.py. Please help!!
@shukrilius 1 year ago
In my case it was necessary to provide the "Absolute Path" for the credentials file. Give it a try!
@karthimt1306 3 years ago
Hello sir. How can I contact you bro? I want some guidance, please help me brooo. 🥺 I texted you on Instagram.
@CloudAdvocate 3 years ago
Sorry, I will check the text on insta.
@OutOfDevOps 2 years ago
@CloudAdvocate thank you for the amazing content you produce. How would it be possible to contact you?