René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"feast-operator: support setting the ServiceAccount annotations for cloud platform IAM use case","articleBody":"**Is your feature request related to a problem? Please describe.**\nKubernetes platforms on AWS and GKE allows pods to assume the IAM roles/service account by setting certain annotations on the ServiceAccount resource. In the background, this annotation will be used to inject the credentials required for the Pod to access internal services of the cloud platform.\n\nIn AWS EKS, it uses annotation: `eks.amazonaws.com/role-arn`\nIn GCP GKE, it uses annotation: `iam.gke.io/gcp-service-account`\n\n**Describe the solution you'd like**\nAdd section inside the FeatureStore CRD to set configure the annotations for the ServiceAccount that will be created. Maybe can add it to `featurestore.spec.services.offlineStore.serviceAccount.annotations`.\n\nedit: add specific to just `offlineStore` instead of directly under `services`\n\n**Describe alternatives you've considered**\nManually adding the annotation to the created ServiceAccount resource after the FeatureStore has been created and the feast-operator has created the ServiceAccount.\n\n**Additional context**\nI dug around the feast-operator code and found this [function](https://github.com/feast-dev/feast/blob/14f45eebd747d024a11c95dbd65c9ceb3ad0ca67/infra/feast-operator/internal/controller/services/services.go#L864-L870) that sets the metadata of the ServiceAccount. From this I think can be done to also add the annotations when specified in the FeatureStore CR spec.\n","author":{"url":"https://github.com/pokgak","@type":"Person","name":"pokgak"},"datePublished":"2025-04-28T11:11:33.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":7},"url":"https://github.com/5302/feast/issues/5302"}