Generating an IAM token for a compute resource
You can request an Identity and Access Management (IAM) token for a trusted profile that represents your compute resource. The IAM access token is suitable for use as a bearer token in calls that require user or service credentials.
To generate IAM tokens for your compute resources, you must be at least an administrator on All Identity and Access enabled services within the account.
Kubernetes Service
For IBM Cloud® Kubernetes Service, you don't need to take steps to generate an IAM token from a compute resource (CR) token. The token generation is done automatically by the service for new clusters that run Kubernetes version 1.21 or later. Trusted profiles are not supported for earlier versions of Kubernetes. See Authorizing pods in your cluster to IBM Cloud services with IAM trusted profiles for more information.
Red Hat OpenShift on IBM Cloud
Give application pods that run in your Red Hat® OpenShift® on IBM Cloud® cluster access to IBM Cloud services by creating a trusted profile. For more information, see Authorizing pods in your cluster to IBM Cloud services with IAM trusted profiles.
Virtual Servers for VPC
Virtual Servers for VPC uses different APIs for token creation. For more information, see Using a trusted profile to call IAM-enabled services.