Open linear[bot] opened 1 week ago
Currently we are using long lived JSON service account key. For compliance, we will either write a long document say how we manually rotate and rotate it, or make it automated.
Let's take the automated approach.
refs: https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions
DEV-1447 Migrate to use Google workload identity federation in Github Action for deployment
Currently we are using long lived JSON service account key. For compliance, we will either write a long document say how we manually rotate and rotate it, or make it automated.
Let's take the automated approach.
refs: https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions