OIDC provider
Workload Identity Federation (WIF) for GKE lets you use IAM policies to grant Kubernetes workloads in your GKE cluster access to specific Google Cloud APIs without manual configuration or less secure methods such as service account key files. With WIF for GKE, you can assign a distinct, fine-grained identity and authorization to each application in your cluster.
It is recommended to provision GKE clusters that use WIF from the start. When creating a GKE cluster, make sure Workload Identity is enabled.
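One way to check that existing clusters follow this recommendation, as an added example that is not part of the original page or any project's own tooling: the script audits cluster descriptions in the shape returned by `gcloud container clusters list --format=json`. It goes one step beyond the text by also checking each node pool's metadata mode. The sample data and the function names `audit_cluster` and `audit` are constructed for illustration.

```python
import json

# Constructed sample shaped like `gcloud container clusters list --format=json`
# output; the project, cluster and node pool names are made up.
SAMPLE_CLUSTERS = json.loads("""
[
 {"name": "prod-a",
  "workloadIdentityConfig": {"workloadPool": "example-project.svc.id.goog"},
  "nodePools": [
   {"name": "default-pool",
    "config": {"workloadMetadataConfig": {"mode": "GKE_METADATA"}}},
   {"name": "legacy-pool",
    "config": {"workloadMetadataConfig": {"mode": "GCE_METADATA"}}}]},
 {"name": "dev-b", "nodePools": [{"name": "default-pool", "config": {}}]}
]
""")


def audit_cluster(cluster):
    """Return findings for one cluster; an empty list means WIF is fully on."""
    pool = (cluster.get("workloadIdentityConfig") or {}).get("workloadPool")
    if not pool:
        # Without a workload pool, WIF is off and node pool modes do not matter.
        return ["cluster: no workload pool set (WIF disabled)"]
    findings = []
    if not pool.endswith(".svc.id.goog"):
        findings.append(f"cluster: unexpected workload pool {pool!r}")
    for np in cluster.get("nodePools", []):
        wmc = (np.get("config") or {}).get("workloadMetadataConfig") or {}
        mode = wmc.get("mode")
        # Only GKE_METADATA runs the GKE metadata server that WIF relies on;
        # other modes leave pods talking to the node's own metadata server.
        if mode != "GKE_METADATA":
            findings.append(
                f"node pool {np.get('name')}: metadata mode {mode or 'unset'}")
    return findings


def audit(clusters):
    """Map each cluster name to its list of findings."""
    return {c["name"]: audit_cluster(c) for c in clusters}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_CLUSTERS).items():
        print(name, "OK" if not findings else findings)
```

To audit real clusters, replace `SAMPLE_CLUSTERS` with the parsed JSON output of the `gcloud` command named above.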