Skip to main content
logoTetrate Service BridgeVersion: 1.6.x

Workload Identity

WorkloadIdentity represents a platform-specific identity of a workload joining the mesh.

E.g.,

  • AWS EC2 instance identity:

    aws:
      partition: aws
      account: '123456789012'
      region: ca-central-1
      zone: ca-central-1b
      ec2:
        instance_id: i-1234567890abcdef0
        iam_role:
          name: example-role

  • GCP GCE instance identity:

    gcp:
      project_number: '234567890121'
      project_id: gcp-example
      region: us-central1
      zone: us-central1-a
      gce:
        instance_id: '693197132356332126'

  • Azure Compute instance identity:

    azure:
      subscription: 531bed28-f708-4fc5-b0c1-2c1edde46e4f
      resource_group: azure-example
      compute:
        instance_id: fc13d26e-d3c0-458e-b353-686d5ca19506

  • JWT identity:

    jwt:
      issuer: https://mycompany.corp
      subject: us-east-datacenter1-vm007
      attributes:
        region: us-east
        datacenter: datacenter1
        instance_name: vm007
        instance_hostname: vm007.internal.corp
        instance_role: app-ratings

WorkloadIdentity

WorkloadIdentity represents a platform-specific identity of a workload joining the mesh.

FieldDescriptionValidation Rule

aws

tetrateio.api.onboarding.config.types.identity.aws.v1alpha1.AwsIdentity oneof _kind
AWS-specific identity of a workload.

jwt

tetrateio.api.onboarding.config.types.identity.jwt.v1alpha1.JwtIdentity oneof _kind
JWT identity of a workload.