Posts

GKE Workload Identity is now named Workload Identity Federation — what else has changed?

In this post we’ll look into the newly named Workload Identity Federation for GKE and how it affects running workloads that are already utilizing Workload Identity bindings.

Validating Admission Policies in Kubernetes: Advanced Use Cases

This post discusses advanced features of Validating Admission Policies (VAP) for implementing Dynamic Admission Control in Kubernetes, including resource matching, parameters, and considerations for using VAPs over Validating Admission Webhooks.

Effortless In-Cluster Validation with Kubernetes: Introducing Validating Admission Policies

In-cluster validation in Kubernetes provides a way to enforce standards and rules on cluster resources through admission control policies, helping operators manage resources and prevent accidental deletions.

Workload Identity for GKE: Analyzing common misconfiguration

Discover GKE Workload Identity Analyzer, a tool I developed at DoiT to analyze workloads running in GKE and ensure Workload Identity is configured properly.

Controlling the Config Connector version on your GKE cluster

Config Connector is a great tool for managing Google Cloud resources using Kubernetes manifests. This post demonstrates how to achieve enhanced control of the tool’s version by replacing the add-on installation with a manual one.