Login Contact us

Build & Ship

Productized agency engagements — web, API, platform, mobile

Cloud Environments

Multi-cloud Terraform-as-a-service across AWS, Azure, GCP

Developer Platform

API portal, webhooks, CLI, Terraform provider, SDKs

GitHub, Vercel, Cloudflare, Datadog, Slack, and more

Operate & Grow

Managed Hosting

Fully managed cloud with monitoring and uptime SLAs

GRC & Compliance

SOC 2, HIPAA, ISO 27001, PCI, GDPR — done-for-you

Compliance Add-Ons Catalog

Browse all frameworks — SOC 2, HIPAA, PCI, ISO, NIST, CMMC, FedRAMP

Workflow Orchestration

Managed Temporal for durable, reliable execution

Copilot, weekly digest, doc Q&A, smart messaging — built into the platform

Bundle and save

Hosting + 1 GRC framework + workflows from $499/mo on Growth.

GCPSecurity

Workload Identity

GKE Workload Identity binding between K8s and Google service accounts

Usage

module "workload_identity" {
  source = "github.com/fencepencil/gcp-modules//workload-identity"

  project_id = "<project_id>"
  service_account_id = "<service_account_id>"
  namespace = "<namespace>"
  k8s_service_account = "<k8s_service_account>"

  tags = var.tags
}

Inputs (5)

Name	Type	Description	Default	Required
`project_id`	string	GCP project ID	—	yes
`service_account_id`	string	Google service account ID	—	yes
`namespace`	string	Kubernetes namespace	—	yes
`k8s_service_account`	string	K8s service account name	—	yes
`roles`	list(string)	IAM roles to grant	`[]`	no

Outputs (2)

Name	Description
`service_account_email`	Service account email
`service_account_name`	Service account full name

More GCP Modules

Browse our full library of GCP infrastructure modules.

View all GCP modules