Snapshotting to GCS with Workload Identity

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch 2.9

Describe the issue:
We’re currently using the repository-gcs plugin to save snapshots to a GCS bucket. However, it seems like this requires us to use a GCP service account key that’s stored as a kubernetes secret. If possible we’d like to avoid using a key, and instead use GCP’s workload identity feature. Does OpenSearch have any functionality to support this?


Relevant Logs or Screenshots:

1 Like

Hi, afaik the repository-gcp plugin supports only service account key, please open an feature request here Issues · opensearch-project/OpenSearch · GitHub so it could be contributed at some point, thank you.