Skip to main content
logoTetrate Service BridgeVersion: next

Workload Onboarding Token Claims

Specifies claims included into the Workload Onboarding Token returned by the OnboardingAuthorizationService.

OnboardingTokenClaims

Onboarding Token Claims specifies claims included into the Workload Onboarding Token returned by the OnboardingAuthorizationService.

\{
"azp": "2b8e531d-f708-4fc5-b0c1-2c1edde46e4f",
"aud": "2b8e531d-f708-4fc5-b0c1-2c1edde46e4f",
"sub": "bookinfo/ratings-aws-aws-123456789012-ca-central-1b-ec2-i-1234567890abcdef0",
"claims": \{
"workload": \{
"aws": \{
"partition": "aws",
"account": "123456789012",
"region": "ca-central-1",
"zone": "ca-central-1b",
"ec2": \{
"instance_id": "i-1234567890abcdef0"
\}
\}
\},
"workload_group": \{
"namespace": "bookinfo",
"name": "ratings"
\}
\}
\}
FieldDescriptionValidation Rule

workload

tetrateio.api.onboarding.config.types.identity.v1alpha1.WorkloadIdentity
REQUIRED
Platform-specific identity of the workload.

workloadGroup

tetrateio.api.onboarding.config.types.core.v1alpha1.NamespacedName
REQUIRED
Name of the WorkloadGroup the workload was authorized to become a part of.