🇬🇧

Denis Arslanbekov arslanbekov

🇬🇧

Senior SRE / DevOps / Infrastructure / Clouds / Terraform / go

arslanbekov / actions.yml

Created November 24, 2022 16:40

	name: "Example Workload Identity"

	on:
	push:
	branches:
	- "master"

	jobs:
	run:
	name: "Workload Identity Job"

arslanbekov / output.tf

Created November 24, 2022 16:36

	output "pool_name" {
	description = "Pool name"
	value = google_iam_workload_identity_pool.github_actions.name
	}
	output "provider_name" {
	description = "Provider name"
	value = google_iam_workload_identity_pool_provider.github_actions.name
	}

arslanbekov / main.tf

Created November 24, 2022 16:35

	resource "google_service_account_iam_member" "wif-sa" {
	service_account_id = "projects/my-gcp-project/serviceAccounts/[email protected]"
	role = "roles/iam.workloadIdentityUser"
	member = "principalSet://iam.googleapis.com/${google_iam_workload_identity_pool.github_actions.name}/*"
	}

arslanbekov / main.tf

Created November 24, 2022 16:34

	resource "google_iam_workload_identity_pool_provider" "github_actions" {
	provider = google-beta
	project = "my-gcp-project"
	workload_identity_pool_id = google_iam_workload_identity_pool.github_actions.workload_identity_pool_id
	workload_identity_pool_provider_id = "github-actions"
	display_name = "GitHub Actions provider"
	description = "Workload Identity Pool Provider managed by Terraform"
	attribute_condition = "attribute.repository_owner==\"arslanbekov\""
	attribute_mapping = {
	"google.subject" = "assertion.sub"

arslanbekov / main.tf

Created November 24, 2022 16:34

	resource "google_iam_workload_identity_pool" "github_actions" {
	provider = google-beta
	project = "my-gcp-project"
	workload_identity_pool_id = "github-actions"
	display_name = "GitHub Actions pool"
	description = "Workload Identity Pool managed by Terraform"
	disabled = false
	}

arslanbekov / openvpn-cloud.tf

Last active November 24, 2022 16:45

	terraform {
	backend "local" {}
	required_providers {
	openvpncloud = {
	source = "OpenVPN/openvpn-cloud"
	version = "0.0.7"
	}
	}
	}

arslanbekov / google-workspace.tf

Last active November 24, 2022 14:27

arslanbekov / top-brew-packages.txt

Created August 2, 2020 20:50 — forked from pmkay/top-brew-packages.txt

Top homebrew packages

	node: Platform built on V8 to build network applications
	git: Distributed revision control system
	wget: Internet file retriever
	yarn: JavaScript package manager
	python3: Interpreted, interactive, object-oriented programming language
	python: Interpreted, interactive, object-oriented programming language
	mysql: Open source relational database management system
	coreutils: GNU File, Shell, and Text utilities
	openssl: SSL/TLS cryptography library
	postgresql: Object-relational database system

arslanbekov / custom-priorityclass.yaml

Created January 5, 2019 09:25

	apiVersion: scheduling.k8s.io/v1beta1
	description: "This priority class should be used for critical-pods only."
	kind: PriorityClass
	metadata:
	name: custom-high-priority
	value: 100000000

arslanbekov / daemonsets-with-priorityclassname.yaml

Created January 5, 2019 09:06

Example DS from https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/ with change resource values and priorityClassName