Support GCP Workload Identity in the repository-gcs plugin #11224
Labels
enhancement
Enhancement or improvement to existing feature or request
good first issue
Good for newcomers
low hanging fruit
Storage:Snapshots
Is your feature request related to a problem? Please describe.
Storing snapshots with the repository-gcs plugin requires a gcp service account key that's stored as a kubernetes secret. We'd like to avoid this secret as it requires additional overhead like periodically rotating the secret for security. GCP's Workload Identity feature would be a better alternative that avoids the need for a secret.
Describe the solution you'd like
Use GCP's workload identity feature for authentication in the repository-gcs plugin.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: