docs(guides): add crossplane with workload-identity guide #1047
jbw976 merged 3 commits into crossplane:master
Signed-off-by: Christopher Haar <christopher.haar@upbound.io>
jbw976
left a comment
oh fun, lots of Vale errors to fix here too 😇
https://github.com/crossplane/docs/actions/runs/21406771389/job/61632748813?pr=1047
my agent was able to do pretty well at tackling these last time i had a bunch, it just needs to know how to run Vale locally so it can check if it's doing well, e.g.:
❯ vale --config="./utils/vale/.vale.ini" content/master/
jbw976
left a comment
Thanks @haarchri, this will be a very useful foundation to help guide people to set up this not too uncommon scenario for themselves - it will be appreciated.
This material looks reasonable enough with the caveat that I don't know this subject domain very well personally and I definitely didn't try out these instructions myself either.
Let's clean up the vale issues and copy to master and it should be good enough for me.
…sions of docs Signed-off-by: Christopher Haar <christopher.haar@upbound.io>
Signed-off-by: Christopher Haar <christopher.haar@upbound.io>

This PR adds docs for configuring Crossplane to pull packages from private cloud provider container registries using Kubernetes Workload Identity.
Users frequently encounter issues when trying to use Crossplane with private container registries in managed Kubernetes environments like EKS, AKS, and GKE. While Crossplane already supports workload identity authentication, the setup process and prerequisites are not well documented. This leads to confusion and issue requests, as seen in crossplane/crossplane#6137.
The guide provides step-by-step instructions for configuring workload identity with Crossplane across AWS EKS with IAM Roles for Service Accounts and ECR, Azure AKS with Azure Workload Identity and ACR, and Google Cloud GKE with GKE Workload Identity and Artifact Registry.
This guide helps users leverage Crossplane's existing workload identity support without requiring static credentials or imagePullSecrets.