Z2JH user Profiles with custom Service Accounts

Is there a way to customise multiple profiles in Z2JH to spawn single-user pods with distinct service accounts from each other?

The use case is so that different groups of users can inherit different permissions for accessing external resources (applied using k8s OIDC, for example to associate different AWS IAM roles to each profile). We have already configured so that some profiles are only made available to particular user groups.

Ah, looks like there is an override available…

1 Like