Tetrate Service BridgeVersion: 1.11.x

Workload Onboarding Token Claims

Onboarding Token Claims specifies claims included into the Workload Onboarding Token returned by the OnboardingAuthorizationService.

\{
  "azp": "2b8e531d-f708-4fc5-b0c1-2c1edde46e4f",
  "aud": "2b8e531d-f708-4fc5-b0c1-2c1edde46e4f",
  "sub": "bookinfo/ratings-aws-aws-123456789012-ca-central-1b-ec2-i-1234567890abcdef0",
  "claims": \{
    "workload": \{
      "aws": \{
        "partition": "aws",
        "account": "123456789012",
        "region": "ca-central-1",
        "zone": "ca-central-1b",
        "ec2": \{
          "instance_id": "i-1234567890abcdef0"
        \}
      \}
    \},
    "workload_group": \{
      "namespace": "bookinfo",
      "name": "ratings"
    \}
  \}
\}

OnboardingTokenClaims

OnboardingTokenClaims specifies claims included into the Workload Onboarding Token returned by the OnboardingAuthorizationService.

Field	Description	Validation Rule
workload	tetrateio.api.onboarding.config.types.identity.v1alpha1.WorkloadIdentity REQUIRED Platform-specific identity of the workload.	–
workloadGroup	tetrateio.api.onboarding.config.types.core.v1alpha1.NamespacedName REQUIRED Name of the WorkloadGroup the workload was authorized to become a part of.	–

OnboardingTokenClaims​

OnboardingTokenClaims