Is it possible to setup RBAC to restrict access from a Google Cloud Function?
I give an identity to the Cloud Function, and I try to restrict that Service Account in the
subjects: - user: "serviceaccountemail"
Where “serviceaccountemail” is the SA email we set as identity for the CF.
With no luck. Is this doable? How should I achieve this?
I inspected incoming traffic from a GC Function, but cannot find any HTTP header I could use for this. So maybe there is a proper way to bind the GCP Service Account with istio auth.