-
Notifications
You must be signed in to change notification settings - Fork 217
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GCE metadata server credentials cannot sign storage blob #141
Labels
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
Comments
Hi. |
@lesv , would you be able to address this or assign to someone who could? |
I'll create an internal issue and cc all of you. |
Done. Googler's should see an email. |
It will make configuration of our solution much easier without dealing with private json keys to produce signed urls for storage blobs. |
JustinBeckwith
added
🚨
This issue needs some love.
triage me
I really want to be triaged.
labels
Jun 8, 2018
JustinBeckwith
added
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
and removed
triage me
I really want to be triaged.
🚨
This issue needs some love.
labels
Jun 20, 2018
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
With GAE java 8 standard runtime, GCE metadata server is used to retrieve credentials. However, unlike
google.appengine.api.app_identity.sign_blob()
, metadata sever is not able to sign GCS blob (discussion captured here and here). It seems the timeline for metadata server to enable signing is not clear. This currently blocks java storage client library to run on GAE java 8 standard (googleapis/google-cloud-java#2629). Auth lib should implement IAM signer to provide workaround (as python auth lib did: googleapis/google-auth-library-python#108)The text was updated successfully, but these errors were encountered: