CredentialBinding
CredentialBinding binds a CredentialSource to a workload and defines how the credential is delivered. Credentials can be injected on-the-wire (the kernel transparently rewrites HTTP headers) or made available as files on the sysfs filesystem.
- API Group: core.riptides.io
- Version: v1alpha1
- Kind: CredentialBinding
- Plural: credentialbindings
Note: CredentialBinding replaces the deprecated WorkloadCredential resource. All new configurations should use CredentialBinding.
workloadID

| Type | string |
| Required | Yes |

The workload ID this binding applies to. Must match the workloadID of an existing WorkloadIdentity.
credentialSource

| Type | string |
| Required | Yes |

The name of the CredentialSource resource to bind.
propagation

| Type | object |
| Required | Yes |

Defines how the credential is delivered to the workload. One or both of the following may be configured:
propagation.injection

On-the-wire credential injection. When configured, the Riptides kernel module transparently rewrites outbound HTTP requests to inject the credential (e.g., as an Authorization header). Injection is activated when egress traffic matches the specified selectors.

| Field | Type | Required | Description |
|---|---|---|---|
| selectors | array of selector objects | Yes | Label selectors that match against Service labels. When outbound traffic targets a matching service, the credential is injected into the request. |

The selectors use the same label-matching mechanism as Service labels. For example, {api: openai} matches a Service with labels: {api: openai}. Because the credential is added to every outbound request to any matching Service, keep selectors as specific as the Service labels allow; a selector that matches more Services than intended sends the credential to all of them.
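The following pre-apply lint is an added example and not Riptides code. It checks the referential rules stated above (workloadID must match a WorkloadIdentity, credentialSource must exist, propagation must configure injection and/or sysfs) and previews which Services a binding's selectors would match, flagging both the binding that would never inject and the over-broad one that would inject into every Service. The sample objects are constructed; the assumptions that a WorkloadIdentity carries its ID at spec.workloadID, that selectors use equality matching (so an empty selector {} matches everything), and that the selector list is satisfied by any one selector are labelled in the code and are not stated by this reference.

```python
# Added example (not Riptides code): pre-apply lint for a CredentialBinding.
# Assumptions, not taken from the reference:
#   * a WorkloadIdentity carries its ID at spec.workloadID;
#   * selectors are equality-based (every key present with the same value),
#     so an empty selector {} matches every Service;
#   * the selector list is satisfied by any one selector (OR).
from __future__ import annotations

from typing import Any, Dict, List

Obj = Dict[str, Any]


def selector_matches(selector: Dict[str, str], labels: Dict[str, str]) -> bool:
    # Equality match on Service labels: all selector keys must be present
    # with identical values. all() over an empty selector is True.
    return all(labels.get(key) == value for key, value in selector.items())


def injected_services(binding: Obj, services: List[Obj]) -> List[str]:
    # Names of the Services whose labels satisfy at least one selector.
    injection = (binding["spec"].get("propagation") or {}).get("injection") or {}
    selectors = injection.get("selectors") or []
    matched = []
    for svc in services:
        labels = (svc.get("metadata") or {}).get("labels") or {}
        if any(selector_matches(sel, labels) for sel in selectors):
            matched.append(svc["metadata"]["name"])
    return matched


def lint_binding(binding: Obj, identities: List[Obj], sources: List[Obj],
                 services: List[Obj]) -> List[str]:
    findings: List[str] = []
    name = binding["metadata"]["name"]
    spec = binding["spec"]

    # workloadID must match an existing WorkloadIdentity.
    known_ids = {wi["spec"]["workloadID"] for wi in identities}
    if spec.get("workloadID") not in known_ids:
        findings.append(f"{name}: workloadID {spec.get('workloadID')!r} "
                        "matches no WorkloadIdentity")

    # credentialSource must name an existing CredentialSource.
    known_sources = {cs["metadata"]["name"] for cs in sources}
    if spec.get("credentialSource") not in known_sources:
        findings.append(f"{name}: credentialSource "
                        f"{spec.get('credentialSource')!r} does not exist")

    # propagation must configure injection and/or sysfs ('sysfs: {}' counts).
    propagation = spec.get("propagation") or {}
    if "injection" not in propagation and "sysfs" not in propagation:
        findings.append(f"{name}: propagation configures neither injection nor sysfs")

    if "injection" in propagation:
        selectors = (propagation["injection"] or {}).get("selectors") or []
        if not selectors:
            findings.append(f"{name}: injection.selectors is required but empty")
        else:
            for sel in selectors:
                if not sel:
                    findings.append(f"{name}: empty selector {{}} matches every Service; "
                                    "the credential would be injected into all egress")
            if not injected_services(binding, services):
                findings.append(f"{name}: selectors match no Service; "
                                "the credential would never be injected")
    return findings


# Constructed sample objects (not from a live cluster); names reuse the
# ones in this reference's examples.
IDENTITIES = [{"kind": "WorkloadIdentity",
               "spec": {"workloadID": "support-assistant/app/assistant-api"}}]
SOURCES = [{"kind": "CredentialSource", "metadata": {"name": "vault-api-keys"}}]
SERVICES = [
    {"kind": "Service", "metadata": {"name": "openai-proxy",
                                     "labels": {"api": "openai", "tier": "egress"}}},
    {"kind": "Service", "metadata": {"name": "internal-db",
                                     "labels": {"app": "postgres"}}},
]
GOOD_BINDING = {"kind": "CredentialBinding",
                "metadata": {"name": "vault-api-keys-binding"},
                "spec": {"workloadID": "support-assistant/app/assistant-api",
                         "credentialSource": "vault-api-keys",
                         "propagation": {"injection": {"selectors": [{"api": "openai"}]},
                                         "sysfs": {}}}}
BAD_BINDING = {"kind": "CredentialBinding",
               "metadata": {"name": "overbroad-binding"},
               "spec": {"workloadID": "unknown/workload",
                        "credentialSource": "missing-source",
                        "propagation": {"injection": {"selectors": [{}]}}}}

if __name__ == "__main__":
    for b in (GOOD_BINDING, BAD_BINDING):
        print(b["metadata"]["name"], "->", injected_services(b, SERVICES))
        for finding in lint_binding(b, IDENTITIES, SOURCES, SERVICES):
            print("  ", finding)
```

Run it against objects exported with kubectl get -o json before applying a binding; the over-broad case is the one worth gating on, since a binding whose selector matches every Service hands the credential to every outbound HTTP request.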
propagation.sysfs

File-based credential delivery. When configured (even as an empty object {}), the Riptides daemon writes credential files to a well-known sysfs path that the workload can read directly:

/sys/module/riptides/credentials/<binding-hash>/<binding-name>/<filename>

The actual file paths are reported in the resource's status.
Status

| Field | Type | Description |
|---|---|---|
| state | string | Current state of the binding. Valid values: OK, FAILED. |
| message | string | Human-readable message with additional detail. |
| updateAt | string (date-time) | Timestamp of the last status update. |
| sysfs.files | array of file objects | List of credential files available on sysfs (only present when propagation.sysfs is configured). |

sysfs.files[]

| Field | Type | Description |
|---|---|---|
| path | string | Absolute filesystem path to the credential file. |
| type | string | Type of file content. Valid values: CONFIG, CREDENTIAL, TOKEN. |
Examples

Injection-only binding

Inject a JWT credential into outbound HTTP requests targeting a specific service:

```yaml
apiVersion: core.riptides.io/v1alpha1
kind: CredentialBinding
metadata:
  name: client-jwt-binding
  namespace: riptides-system
spec:
  workloadID: demo/httpclient
  credentialSource: my-jwt-svid
  propagation:
    injection:
      selectors:
        - service: my-backend
```

Injection and sysfs binding

Deliver a Vault-sourced credential both via on-the-wire injection and as a file on sysfs:

```yaml
apiVersion: core.riptides.io/v1alpha1
kind: CredentialBinding
metadata:
  name: vault-api-keys-binding
  namespace: riptides-system
spec:
  workloadID: support-assistant/app/assistant-api
  credentialSource: vault-api-keys
  propagation:
    injection:
      selectors:
        - api: openai
    sysfs: {}
```

When the binding is active, the status reports the sysfs file paths:

```yaml
status:
  state: OK
  sysfs:
    files:
      - path: /sys/module/riptides/credentials/33bc2e42-24c0-5ca1-bb5b-80c2537580df/vault-api-keys-binding/token.jwt
        type: TOKEN
  updateAt: "2026-02-25T08:34:53.942667783Z"
```

Usage with WorkloadIdentity
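The workload-side consumer below is an added example, not Riptides code, showing how a workload uses a status like the one above: it refuses to proceed unless state is OK, selects the TOKEN entry from status.sysfs.files, checks that the reported path follows the documented <root>/<binding-hash>/<binding-name>/<filename> layout before opening it, and re-reads the file on each use instead of caching the token. The helper names, the temp-directory stand-in for the sysfs tree, and the placeholder token are all constructed; that the file holds a single bearer token is an assumption.

```python
# Added example (not Riptides code): workload-side reader for the credential
# files a CredentialBinding reports in status.sysfs.files. Helper names are
# illustrative; the assumption that the TOKEN file holds one bearer token is
# the author's, not the reference's.
from __future__ import annotations

import os
import tempfile
from pathlib import Path
from typing import Any, Dict

SYSFS_ROOT = "/sys/module/riptides/credentials"


class CredentialUnavailable(Exception):
    """Raised when the binding status does not yield a usable credential file."""


def token_path_from_status(status: Dict[str, Any], binding_name: str,
                           root: str = SYSFS_ROOT) -> str:
    # Do not touch the filesystem until the daemon reports the binding as OK.
    if status.get("state") != "OK":
        raise CredentialUnavailable(
            f"binding state is {status.get('state')!r}: {status.get('message', '')}")
    files = (status.get("sysfs") or {}).get("files") or []
    tokens = [f for f in files if f.get("type") == "TOKEN"]
    if not tokens:
        raise CredentialUnavailable("status.sysfs.files has no TOKEN entry")
    path = tokens[0]["path"]
    p = Path(path)
    # Accept only <root>/<binding-hash>/<binding-name>/<filename>; relative
    # paths, traversal and paths outside the credential tree are rejected.
    if (not os.path.isabs(path) or ".." in p.parts
            or p.parent.parent.parent != Path(root)
            or p.parent.name != binding_name):
        raise CredentialUnavailable(f"unexpected credential path {path!r}")
    return path


def bearer_header(status: Dict[str, Any], binding_name: str,
                  root: str = SYSFS_ROOT) -> str:
    # Read on every call so a rewritten file is picked up; nothing is cached.
    path = token_path_from_status(status, binding_name, root)
    try:
        with open(path, encoding="utf-8") as fh:
            token = fh.read().strip()
    except OSError as exc:
        raise CredentialUnavailable(f"cannot read {path}: {exc}") from exc
    if not token:
        raise CredentialUnavailable(f"{path} is empty")
    return f"Bearer {token}"


def demo() -> Dict[str, str]:
    # Constructed stand-in for the sysfs tree, written under a temp dir so
    # this runs without the Riptides kernel module and daemon.
    root = tempfile.mkdtemp()
    binding = "vault-api-keys-binding"
    cred_dir = os.path.join(root, "33bc2e42-24c0-5ca1-bb5b-80c2537580df", binding)
    os.makedirs(cred_dir)
    token_file = os.path.join(cred_dir, "token.jwt")
    with open(token_file, "w", encoding="utf-8") as fh:
        fh.write("eyJhbGciOiJFUzI1NiJ9.constructed.sig\n")  # placeholder, not a real JWT
    ok_status = {"state": "OK",
                 "sysfs": {"files": [{"path": token_file, "type": "TOKEN"}]}}
    failed_status = {"state": "FAILED", "message": "credential source not ready"}
    result = {"header": bearer_header(ok_status, binding, root)}
    try:
        bearer_header(failed_status, binding, root)
    except CredentialUnavailable as exc:
        result["failed"] = str(exc)
    return result


if __name__ == "__main__":
    print(demo())
```

In a real workload, the status dict comes from the CredentialBinding object (for example kubectl get credentialbinding <name> -o json) and root stays at its default; the path check matters because the status field is the only thing telling the process which file to open.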
CredentialBindings work in conjunction with WorkloadIdentity to deliver credentials transparently. The WorkloadIdentity enables TLS interception at the top level, and the CredentialBinding's propagation.injection.selectors determine which outbound connections receive the credential:

```yaml
# WorkloadIdentity enables TLS interception:
connection:
  tls:
    mode: PERMISSIVE
    intercept: true
---
# CredentialBinding targets specific services via selectors:
spec:
  workloadID: my-app/workload
  credentialSource: vault-api-keys
  propagation:
    injection:
      selectors:
        - api: openai   # matches Service labels
```

When the workload makes an outbound connection to a service matching the injection selectors, Riptides transparently intercepts the connection and injects the bound credential.
Related Resources

- CredentialSource — The credential source that this binding references.
- WorkloadIdentity — The workload that receives the injected credential.
- Service — Injection selectors match against service labels.
- API Reference Overview