Hey Folks,
I am new to Crossplane and was performing a POC for GCP infrastructure using workload identity using GitOps. I noticed as per documentation that there are a couple of manual steps after installing the provider(eg: provider-gcp-cloudplatform). (I have created the GCP Service Account, IAM Role and IAM Role Binding)
Injecting the Providers Kubernetes Service Account with the email address of GCP Service Account is required to enable workload identity but there seems to be no straightforward way for this (eg: annotations of the provider get propagated to SA)
I was referring to the below documentation.
Since I am new to Crossplane and this provider I was wondering if I am missing something or if there is an open ticket for this to which i can contribute.
Cheers,
Amit D.