Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Support for IAMCredentials based impersonation #210

Closed
salrashid123 opened this issue Nov 13, 2018 · 1 comment
Closed

Add Support for IAMCredentials based impersonation #210

salrashid123 opened this issue Nov 13, 2018 · 1 comment
Assignees
@chingor13
Labels
type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.

Comments

@salrashid123
Copy link
Contributor

Feature request to support service account impersonation provided by
iamcredentials.generateAccessToken()

This will allow one set of credentials to assume another set for use in the coud libraries:

sample usage:

String cred_env = "/path/to/svc_account.json";
ServiceAccountCredentials source_credentials = ServiceAccountCredentials
		.fromStream(new FileInputStream(cred_env));

source_credentials = (ServiceAccountCredentials) source_credentials
		.createScoped(Arrays.asList("https://www.googleapis.com/auth/iam"));

ImpersonatedCredentials target_credentials = ImpersonatedCredentials.create(
    source_credentials,
   "impersonated-account@fabled-ray-104117.iam.gserviceaccount.com", 
   null,
   Arrays.asList("https://www.googleapis.com/auth/devstorage.read_only"), 3600);

Storage storage_service = StorageOptions.newBuilder().setProjectId("project-id")
		.setCredentials(target_credentials).build().getService();

for (Bucket b : storage_service.list().iterateAll()) 
  System.out.println(b);

ref:

in python: googleapis/google-auth-library-python#299

in golang: golang/oauth2#335
@salrashid123 salrashid123 mentioned this issue Nov 13, 2018
Merged
@chingor13 chingor13 added the type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. label Nov 13, 2018
@chingor13
Copy link
Contributor

Added in #211 and released in 0.12.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chingor13 chingor13

Labels
type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chingor13 @salrashid123