#workloadidentity — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #workloadidentity, aggregated by home.social.

  1. Static Kubernetes ServiceAccount tokens are a long-standing security risk.
    This post walks through authenticating workloads to HashiCorp Vault using JWT/OIDC, exchanging pod identity for short-lived, least-privilege Vault tokens via a Kubernetes-aware STS—without relying on static credentials.

    #Kubernetes #HashiCorpVault #OIDC #WorkloadIdentity #ZeroTrust
    tremolo.io/post/short-lived-to