Overview

Agent Controller fails to start when attempting to use Trust Provider - Kubernetes Service Account: kubernetes.io { pod { name } } attestation.

E.g.

kubernetes.io { pod { name } } - aembit-agent-controller

Applies To

• Kubernetes

Cause

• Trust Provider - Kubernetes Service Account: kubernetes.io { pod { name } } is not defined for an exact match.
• POD naming convention, aembit-agent-controller-<alphanumeric_value> will populated a new <alphanumeric> naming convention upon restart.

Solution

When populating, Trust Provider - Kubernetes Service Account: kubernetes.io { pod { name } }, append a wildcard '*' to your populated value.

E.g.

kubernetes.io { pod { name } } - aembit-agent-controller-*