storage: support gcloud ADC impersonation for signed URLs #9827
Labels
api: storage
Issues related to the Cloud Storage API.
cpp: backlog
While desirable, we do not have time to work on this for the foreseeable future.
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
Milestone
Comments
frankyn
added
the
type: feature request
product-auto-label
bot
added
the
api: storage
|
Realistically we do not have time to work on this for the foreseeable future. Closing for now. |
coryan
added
the
cpp: backlog
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What component of
google-cloud-cppis this feature request for?google/cloud/storageIs your feature request related to a problem? Please describe.
GCS Use Case: Customers do not want to download and manage a private key locally. They wish to configure authentication using only gcloud auth. Currently, they can run
gcloud auth application-default loginand the storage client will work for manipulating buckets and objects. However, Signed URLs can't be signed this way without additional support in Storage libraries and support for impersonation in language specific auth libraries.Describe the solution you'd like
Be able to create a signed URL using gcloud ADC impersonated credentials with IAM Service Account Sign Blob API without having to use a service-account private key locally.
Additional context
Go Storage is working on an implementation however it does rely on Auth library support for this path;
PR: googleapis/google-cloud-go#6591
The text was updated successfully, but these errors were encountered: