Access Google Cloud from GitHub Action Sans Keys - Workload Identity Federation 

Thanks for this video ❤

Thanks for the video. How can we provision the gcp resources using terraform authenticating through wif without using service account keys?

Thanks for the video😁👍. Can you tell how these attributes (timestamp- 3:34) work? And are these safe to use cuz I read somewhere in the document that if another repo has the same value or something it can allow that repo access too. Thanks in advance.

Hi, I have gone through your videos on using Workflow identity federation to connect to GCP. They are very much helpful in understanding the feature and get to know how it is working. Can I use wfi for copying files from Linux server to GCS buckets? Could you please tell me in that case how this wfi pool has to be configured? Any help in this regard would be much appreciated.

1. Firewall Policy vs Firewall Rule (Where to use which one and why) 2. Create Firewall Policy and Implement it for Hybrid use case (Typically customer has dev and prod projects, hence a implement it considering both project) 3. Rules, Policy and Association (Understand use case in detail) 4. Automation of this using terraform (Hierarchical Firewall Policy Automation with Terraform | Google Cloud Blog) can you make a documentation on these ? Need help in understanding clearly kindly look into it, if you can answer all of them.

Why are the mappings the way they are? Why are these three necessary? What about other fields? What do they mean? You’re not explaining that 😢

Hi, excellent video. My question is how can we set up this with Terraform? There is a way? Thanks for the content

my friends, thanks for your video but my output in github actions is: Error: Permission 'iam.serviceAccounts.getAccessToken' denied on resource (or it may not exist). and see when I follow your tutorial in the 4:24 minute , generate in your case principalSet, in my case principal :(

Sir I am BCA graduate and i am fresher. Can i become a Devops Engineer????

Thanks gk for this great video Can we use this same flow for azure devops pipelines?

1:15 🤣

@CloudAdvocate what is the value of 'my-secret' in the yml file last line? I added this key in the github settings key-value but not sure about its value. Please help... @SnehaU-uj8rt

Hi, Thanks for the video. It was really useful. I did the exact same thing as mentioned in the video but I faced the following error in the github actions. Can you help me resolve this issue? Why is this happening? (gcloud.secrets.versions.access) There was a problem refreshing your current auth tokens: ('Unable to acquire impersonated credentials', '{ "error": { "code": 403, "message": "Permission \'iam.serviceAccounts.getAccessToken\' denied on resource (or it may not exist).", "status": "PERMISSION_DENIED", "details": [ { "@type": "type.googleapis.com/google.rpc.ErrorInfo", "reason": "IAM_PERMISSION_DENIED", "domain": "iam.googleapis.com", "metadata": { "permission": "iam.serviceAccounts.getAccessToken" } } ] } } ') Please run: $ gcloud auth login to obtain new credentials. If you have already logged in with a different account: $ gcloud config set account ACCOUNT to select an already authenticated account to use. Error: Process completed with exit code 1.