Snapshotting to GCS with Workload Identity

david1 · November 15, 2023, 1:03am

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch 2.9

Describe the issue:
We’re currently using the repository-gcs plugin to save snapshots to a GCS bucket. However, it seems like this requires us to use a GCP service account key that’s stored as a kubernetes secret. If possible we’d like to avoid using a key, and instead use GCP’s workload identity feature. Does OpenSearch have any functionality to support this?

Configuration:

Relevant Logs or Screenshots:

reta · November 15, 2023, 3:27pm

Hi, afaik the repository-gcp plugin supports only service account key, please open an feature request here Issues · opensearch-project/OpenSearch · GitHub so it could be contributed at some point, thank you.

Topic		Replies	Views
Plugin repository-gcs not working for snapshots Index Management configure	3	1094	March 8, 2023
[repositories plugin] Is it possible to use ACCESS_/SECRET_KEY with GCS? OpenSearch	0	249	January 18, 2024
What storage service can I use for snapshots? OpenSearch configure	11	1487	August 22, 2022
How to provide credentials for repository-azure plugin on Kubernetes? General Feedback configure	4	680	March 8, 2024
GCS to AWS Opensearch OpenSearch	0	50	June 18, 2024

Snapshotting to GCS with Workload Identity

Related topics