eager-noon-15510
02/22/2024, 9:56 AMimpersonateServiceAccount
option on GCP provider, I'm trying to create a GKE cluster and build a kubeconfig to use later with kubernetes provider, and apparently the masterAuth
has the original user creds, not the service account set in impersonateServiceAccount
. What's the right way to deal with this in pulumi?thousands-knife-3009
02/22/2024, 4:04 PMcredentials
in the provider instead of impersonation?eager-noon-15510
02/22/2024, 4:39 PMeager-noon-15510
02/22/2024, 4:40 PMthousands-knife-3009
02/22/2024, 4:40 PMeager-noon-15510
02/22/2024, 4:43 PMthousands-knife-3009
02/22/2024, 4:44 PMthousands-knife-3009
02/22/2024, 4:44 PMthousands-knife-3009
02/22/2024, 4:45 PMeager-noon-15510
02/22/2024, 4:47 PMthousands-knife-3009
02/22/2024, 4:48 PMeager-noon-15510
02/22/2024, 4:49 PMthousands-knife-3009
02/22/2024, 4:50 PMeager-noon-15510
02/22/2024, 4:51 PMnew gcp.container.Cluster(..., {provider: non_impersonated_provider})
Not sure it's reasonable...thousands-knife-3009
02/22/2024, 4:51 PMeager-noon-15510
02/22/2024, 4:52 PMthousands-knife-3009
02/22/2024, 4:52 PMthousands-knife-3009
02/22/2024, 4:53 PMeager-noon-15510
02/22/2024, 4:53 PMthousands-knife-3009
02/22/2024, 4:53 PMeager-noon-15510
02/22/2024, 4:54 PMthousands-knife-3009
02/22/2024, 4:55 PMthousands-knife-3009
02/22/2024, 4:56 PMthousands-knife-3009
02/22/2024, 4:57 PMeager-noon-15510
02/22/2024, 5:00 PMeager-noon-15510
02/22/2024, 5:02 PMthousands-knife-3009
02/22/2024, 5:03 PMthousands-knife-3009
02/22/2024, 5:07 PMencryptionsalt
value. if you delete the file and run preview again (while still using the same passphrase) you get a new encryptionsalt
value. this makes me think that if the pulumi config were to store any secrets in the backend that they would be saved with a different hash/salteager-noon-15510
02/22/2024, 5:08 PMthousands-knife-3009
02/22/2024, 5:08 PMeager-noon-15510
02/22/2024, 5:09 PMthousands-knife-3009
02/22/2024, 5:09 PMeager-noon-15510
02/22/2024, 5:10 PMthousands-knife-3009
02/22/2024, 5:10 PMthousands-knife-3009
02/22/2024, 5:10 PMeager-noon-15510
02/22/2024, 5:13 PM