https://pulumi.com
Join Slack
This message was deleted.
# google-cloud
s
This message was deleted.
b
hey, you can actually turn this off completely, but you then need to map IAM roles back to the cluster
you'll need to map an IAM role to a Kubernetes RBAC role with admin permissions, I think
it's been a while since I did this 😄
d
Yeah, I remember the convergence between IAM and Kubernetes RBAC is confusing.
I mean technically a service account with roles/container.admin will let you use the GKE admin API and let you retrieve the master API credentials using gcloud…
I’m guessing this technique is trying to sidestep that dance of retrieving the credentials?
Open in Slack
PreviousNext
Powered by

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Powered by