Anyone using/used Pulumi deployments with openid c...
# pulumi-deployments
Anyone using/used Pulumi deployments with openid connect to GCP? I am having trouble with audience I think. Pulumi doc say use organization name, so I did add that to allowed audiences when creating a workload provider. But its complaining about format of it, Any suggestions on what I might be doing wrong? I tried with just my org name in allowed audience and also with default Just the relevant message from error in deployment logs,
Copy code
.....generateAccessToken": oauth2/google: status code 400: {"error":"invalid_request","error_description":"Invalid value for \"audience\". This value should be the full resource name of the Identity Provider. See <> for the list of possible formats."
Just for comparison, I did almost same setup for GitHub actions which works (using google auth action) and only changes between that and pulumi pool/provider are the audience and custom attributes mapping (I get repo owner from github and org from pulumi)
This is user(me) error, I was using project name and full names for provider and pool id. After changing to number and just the short id for both worked like a charm
I just had the same problem. You saved me days! 👍