GKE with Workload identity can't access secrets from Secret Manager through nodejs client library


Using the below guides:

https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity

https://cloud.google.com/kubernetes-engine/docs/tutorials/workload-identity-secrets

https://cloud.google.com/secret-manager/docs/samples/secretmanager-access-secret-version#secretmanager_access_secret_version-nodejs

One Google service account and one Kubernetes service account with privileges for both activities.

The identity is working from the pod.

The secrets are accessible from the pod.

When trying to access the secrets through the client library, it doesn't return any response: neither secrets nor errors. There is no error object in the API, so it can't be debugged at the application level.

    const { SecretManagerServiceClient } = require('@google-cloud/secret-manager');
    const client = new SecretManagerServiceClient();
    // Placeholder resource name; replace with the real project/secret/version.
    const name = 'projects/PROJECT_ID/secrets/SECRET_ID/versions/latest';

    async function accessSecretVersion() {
      const [version] = await client.accessSecretVersion({ name: name });
      return version.payload.data.toString('utf8');
    }

Probably the same issue: https://github.com/googleapis/nodejs-secret-manager/issues/106

It's closed without any solution provided.


There are 0 answers
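The symptom described in the question, a call that neither resolves nor rejects, is hard to diagnose because a stuck credential fetch (for example, a pod that is not annotated with the Kubernetes service account, a missing IAM binding between the KSA and the GSA, or an unreachable GKE metadata server) can leave the promise pending forever. The following is an added example, not code from the question or from Google's client library: it wraps the `accessSecretVersion` call in a timeout so a hang becomes an explicit error with a hint at what to check, validates the resource name up front, and decodes the payload. The client is passed in so the logic can be exercised offline against a constructed fake; the 10 second timeout and the fake client are assumptions chosen for illustration, and the only library behaviour relied on is that `accessSecretVersion({ name })` resolves to `[response]` with `response.payload.data`.

```javascript
// Added example (not from the original question). Assumes the client exposes
// accessSecretVersion({ name }) resolving to [response] with response.payload.data,
// as the @google-cloud/secret-manager client does. Timeout values are a choice.

/**
 * Access a secret version, but fail loudly if the call does not settle within
 * timeoutMs. A Workload Identity misconfiguration can make the auth flow hang
 * instead of rejecting, which shows up as "no secret, no error".
 */
async function accessSecretWithTimeout(client, name, timeoutMs = 10000) {
  // Catch a malformed name before touching the network.
  if (!/^projects\/[^/]+\/secrets\/[^/]+\/versions\/[^/]+$/.test(String(name))) {
    throw new Error(`invalid secret version resource name: ${name}`);
  }
  let timer;
  const timeout = new Promise((_, reject) => {
    timer = setTimeout(() => {
      reject(new Error(
        `accessSecretVersion(${name}) timed out after ${timeoutMs} ms; ` +
        'check the KSA annotation, the KSA-to-GSA IAM binding, and metadata server reachability'
      ));
    }, timeoutMs);
  });
  try {
    const [response] = await Promise.race([client.accessSecretVersion({ name }), timeout]);
    if (!response || !response.payload || !response.payload.data) {
      throw new Error('accessSecretVersion returned a response without payload.data');
    }
    // payload.data is bytes; decode as UTF-8 for a text secret.
    return Buffer.from(response.payload.data).toString('utf8');
  } finally {
    clearTimeout(timer); // do not keep the event loop alive after the call settles
  }
}

// Constructed fake client for offline demonstration (not the real library).
// hang=true mimics a credential flow that never completes.
function makeFakeClient({ data, hang = false }) {
  return {
    async accessSecretVersion({ name }) {
      if (hang) return new Promise(() => {}); // never settles
      return [{ name, payload: { data: Buffer.from(data, 'utf8') } }];
    },
  };
}

// Real usage from a pod: node access-secret.js projects/PROJECT_ID/secrets/SECRET_ID/versions/latest
async function main() {
  try {
    // Loaded lazily so the example itself has no dependency when run without arguments.
    const { SecretManagerServiceClient } = require('@google-cloud/secret-manager');
    const client = new SecretManagerServiceClient();
    const value = await accessSecretWithTimeout(client, process.argv[2], 10000);
    console.log(`secret retrieved, ${value.length} bytes`);
  } catch (err) {
    console.error(err.message);
    process.exitCode = 1;
  }
}

if (typeof require !== 'undefined' && require.main === module && process.argv.length > 2) {
  main();
}
```

Running this inside the pod with a short timeout turns a silent hang into a message that points at the Workload Identity pieces to verify; if the call instead rejects quickly with a permission error, the identity is resolving and the remaining problem is the IAM grant on the secret.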