Would be nice to have a way to federate entries with other trust domain dynamically per entry, e.g. as it was working in k8s-registrar via spiffe.io/federatesWith annotation.
I understand that it can be achieved with creation of clusterspiffeid resources per each id and/or with generation of clusterspiffeid resources with all possible trust domain combinations but it doesn’t seem to be a good option for us.
Would be nice to have a way to federate entries with other trust domain dynamically per entry, e.g. as it was working in k8s-registrar via
spiffe.io/federatesWith
annotation. I understand that it can be achieved with creation of clusterspiffeid resources per each id and/or with generation of clusterspiffeid resources with all possible trust domain combinations but it doesn’t seem to be a good option for us.Any thoughts?