{"id":"gke-keyless-identity-naming-dependent","text":"GKE Workload Identity eliminates service account keys via WIF's unified keyless pattern but makes identity isolation depend on naming conventions: same namespace + service account name across clusters in the same project maps to the same IAM identity, shifting the security boundary from cryptographic keys to organizational naming discipline.","truth_value":"OUT","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{"_retracted":true},"explanation":{"steps":[{"node":"gke-keyless-identity-naming-dependent","truth_value":"OUT","reason":"retracted premise"}]}}