Difference between Spire node attestation with VM instance identities and Kubernetes projected service account tokens
We deploy Spire to self-managed Kubernetes clusters on hyperscaler VMs (i.e. AWS EC2, Azure VMs, GCP Compute Engine)
Technically speaking, we could set up node attestation either based on VM instance identities (i.e. aws_iid, azure_msi, gc…