GKE Workload Identity

Purpose

Workload Identity enables GKE pods to authenticate to Google Cloud services without managing service account keys. Pods use short-lived, automatically rotated credentials based on IAM bindings between Kubernetes and GCP service accounts.

When to Use

Use this skill when you need to:

Set up secure authentication from GKE pods to GCP services (Pub/Sub, Cloud SQL, Secret Manager)
Eliminate service account key management and rotation
Implement least privilege access with IAM bindings
Authenticate Spring Boot applications to Google Cloud APIs
Reduce security blast radius by avoiding static credentials
Enable Cloud SQL Proxy or Pub/Sub client libraries to authenticate automatically

Trigger phrases: "set up Workload Identity", "GKE authentication", "pod to GCP service auth", "keyless authentication", "Cloud SQL IAM auth"

Related skills

More from dawiddutoit/custom-claude

Installs

Repository

dawiddutoit/cus…m-claude

GitHub Stars

First Seen

Jan 26, 2026

Security Audits

Gen Agent Trust HubPass

SocketPass

SnykWarn

gcp-gke-workload-identity

GKE Workload Identity

Purpose

When to Use

Table of Contents

More from dawiddutoit/custom-claude

playwright-web-scraper

cloudflare-tunnel-setup

openscad-workshop-tools

chrome-form-filler

openscad-collision-detection

java-best-practices-security-audit