Hello,
We're considering using Trident Protect as an application backup solution for our GKE clusters.
We've currently installed Trident Protect using Cloud Identity/Workload Identity, using a Google service account with permissions to the Google Cloud NetApp Volumes service, and noting the k8s trident-controller service account so it can impersonate.
We've tried configuring this same method in Trident Protect, but don't see the option. The idea is to avoid using a secret with credentials to connect to the AppVault (backup bucket), like with Trident BackendConfig (when you annotate the trident-controller sa, the block of credentials are not neccesary).
Hello,
We're considering using Trident Protect as an application backup solution for our GKE clusters.
We've currently installed Trident Protect using Cloud Identity/Workload Identity, using a Google service account with permissions to the Google Cloud NetApp Volumes service, and noting the k8s trident-controller service account so it can impersonate.
We've tried configuring this same method in Trident Protect, but don't see the option. The idea is to avoid using a secret with credentials to connect to the AppVault (backup bucket), like with Trident BackendConfig (when you annotate the trident-controller sa, the block of credentials are not neccesary).