Solving the Workload Identity sameness with IAM Conditions



GKE offers a uniq feature called Workload Identity. This feature allows you to configure a Kubernetes Service Account (will call this one KSA for the remaining of the article) to use a Google Service Account (will call this one GSA for the remaining of the article) to access a Google API without having to manually download an inject Service Account Keys into Kubernetes Secrets or worst hard coding these in your repo. This is done in six steps:

  • Creating a cluster with Workload Identity enabled
  • Creating a GSA
  • Create a Kubernetes…

Update (29/03/2021). I updated this article with ideas I collected from people who read and commented on it. If you have a good idea for a Rule to follow for effective communication, DM me on LinkedIn or Twitter. Will add it with credits to you.

I receive a lot of messages on LinkedIn. On average 2/3 per day and I try to do my best to answer all of them. Everything ranging from people asking career advice, what kind of training/certifications to take. To folks asking how they can join my current company. …

Yes, I'm doing so. I’m spreading my voice all over your phones and computers. Below you can find answers to the question of why/how/what is this….


First things first, why I’m doing this? Simply because I get too many questions about my role, how to Join Google, what does it mean to work in Cloud…Especially from Junior IT professionals or today students going to be soon in the job market people.

Instead of tweeting, blogging, or answering these questions live. I decided podcasts are the way to go, it’s the easiest way for me to persist some info on…

Cyber Monday on all LF certifications and

NB: Before you read this post I highly recommend you read this one first. There are couple arguments and analysis in the article about the Cloud Engineer Bootcamp that are valid for this one. Especially around the questions of “Is it worth it” and “Will this make me a Cloud Engineer”.

You are Back ? Good let’s get started

The Linux foundation released back in July a new bootcamp called the Advanced Cloud Engineer. This is a new, more elaborate version of The Cloud Engineer Bootcamp (will refer to it as basic in this post) I reviewed few months ago

Few months back i wrote an article about The Cloud Engineer Bootcamp from CNCF. I did a deep analysis of the content, prices and tried to answer the question “Is it worth it”. Make sure to read that article first to follow the logic .This article is a quick review and will not go too much into details.

The Linux Foundation release a new career track called Cloud Developer. This is not a certification per-se but more a collection of online courses and certifications that are bundled and ordered in a logical way to accommodate gradual learning.


The track…

Cyber Monday on all LF certifications and

Edit: There is a 65% discount running until end of Dec 8th 2020

A couple of weeks ago, I came across the Cloud Engineer Bootcamp certification from the Linux Foundation. What attracted my attention is the current offer, available until June 17, 2020, where for a total of 600$, you get access to a compilation of training and 2 certifications from LF. So i’m writing this post to answer three questions: What is it about, will this make you a Cloud Engineer and is it worth it ?!

What is this certification ?

The LF Cloud Engineer bootcamp is a…

Abdellfetah SGHIOUAR

Google Cloud Engineer with a focus on Serverless, Kubernetes, and Devops Methodologies. A supporter and contributor to OSS. Podcast Host

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store