Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to assign a service account to a GKE autopilot cluster #340

Open
KaoruDev opened this issue Feb 10, 2022 · 3 comments
Open

Allow to assign a service account to a GKE autopilot cluster #340

KaoruDev opened this issue Feb 10, 2022 · 3 comments
Labels
awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). kind/enhancement Improvements or new features

Comments

@KaoruDev
Copy link

Hello!

  • Vote on this issue by adding a 馃憤 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

There doesn't appear to be a way to assign a service account to GKE nodes in autopilot mode although gcloud api does support it. The TF module however does not yet see hashicorp/terraform-provider-google#9505

Here's the resolved issue on GCP's side: https://issuetracker.google.com/issues/186511728

Affected area/feature

GKE autopilot cluster
@KaoruDev KaoruDev added the kind/enhancement Improvements or new features label Feb 10, 2022
@danielrbradley danielrbradley added the awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). label Feb 14, 2022
@danielrbradley
Copy link
Member

From a quick check of the api specifications I couldn't see this available yet. As soon as it's published it should be available in the subsequent release.

@tedchang77
Copy link

Any update on when this will be available? We are blocked on this as we need to access artifact registry in a different project.

@KaoruDev
Copy link
Author

KaoruDev commented Apr 15, 2022
edited

@tedchang77 If you give your gke-project's (the project hosting your GKE cluster) gcp compute service account access to the registry that should fix your issue.

In other words, give <project-with-gke-number>-compute@developer.gserviceaccount.com access to the artifact registry.

https://cloud.google.com/iam/docs/service-accounts#default

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). kind/enhancement Improvements or new features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@danielrbradley @tedchang77 @KaoruDev