storage: support gcloud ADC impersonation for signed URLs #9827
Labels
api: storage
Issues related to the Cloud Storage API.
cpp: backlog
While desirable, we do not have time to work on this for the foreseeable future.
type: feature request
‘Nice-to-have’ improvement, new feature or different behavior or design.
Milestone
What component of
google-cloud-cpp
is this feature request for?google/cloud/storage
Is your feature request related to a problem? Please describe.
GCS Use Case: Customers do not want to download and manage a private key locally. They wish to configure authentication using only gcloud auth. Currently, they can run
gcloud auth application-default login
and the storage client will work for manipulating buckets and objects. However, Signed URLs can't be signed this way without additional support in Storage libraries and support for impersonation in language specific auth libraries.Describe the solution you'd like
Be able to create a signed URL using gcloud ADC impersonated credentials with IAM Service Account Sign Blob API without having to use a service-account private key locally.
Additional context
Go Storage is working on an implementation however it does rely on Auth library support for this path;
PR: googleapis/google-cloud-go#6591
The text was updated successfully, but these errors were encountered: