When using kubernetes workload identity service account, there is no credentials file mounted in the container, however there is the option to mount the service account token: automountServiceAccountToken. This looks like a JWT belonging to the application's workload identity service account.
It therefore seems possible to have the option to use this JWT directly instead of constructing one from the credentials file.
Does this seem plausible to you?
When using kubernetes workload identity service account, there is no credentials file mounted in the container, however there is the option to mount the service account token:
automountServiceAccountToken. This looks like a JWT belonging to the application's workload identity service account.It therefore seems possible to have the option to use this JWT directly instead of constructing one from the credentials file.
Does this seem plausible to you?