Too Long; Didn't Read
Workload identity is a modern way to provision keys for pods running on Google Kubernetes Engine. It allows individual pods to use a service account with a suitable set of permissions without manually managing KuberNETes secrets. In this article, we show a real world example on how to use Workload Identity to configure a KuberNetes cluster with Workload ID enabled. In the figure below, we see an overview of what is achieved by this method, where each individual pod can use a dedicated service account.