Support for backend authentication based on AWS IRSA

pulumi / pulumi-kubernetes-operator

A Kubernetes Operator that automates the deployment of Pulumi Stacks

Apache License 2.0

220 stars 54 forks source link

Support for backend authentication based on AWS IRSA #558

Closed geowalrus4gh closed 7 months ago

geowalrus4gh commented 7 months ago

Hello!

Vote on this issue by adding a 👍 reaction
If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

Currently, backend authentication requires credentials to be passed as 'envRefs' in the Stack YAML. There are cases where long-running sessions are prohibited and are unable to configure the SESSION token in the envRefs. It would be better if the operator works with IRSA authentication when AWS is used.

geowalrus4gh commented 7 months ago

Sorry this was my mistake. I missed out the operator configuration part. If any one facing same issue, don't forget to add role to the service account in the operator helm chart.

   image:
      registry: <docker-repo>
    serviceAccount:
      annotations:
        <role-arn>