Uploaded image for project: 'Debezium'
  1. Debezium
  2. DBZ-6885

Support for GKE workload identities

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Done
    • Icon: Major Major
    • 2.4.0.CR1
    • None
    • spanner-connector
    • None

      Which use case/requirement will be addressed by the proposed feature?

      We are building KafkaConnect on GKE and GKE has a mechanism to authenticate without issuing a ServiceAccount JSON key.
      https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
      Since issuing JSON keys is a security risk, we would like to support GKE workload identities with Spanner connectors.

      Implementation ideas (optional)

      https://cloud.google.com/docs/authentication

      If no JSON key is explicitly set, the Application Default Credentials mechanism can be used for proper authentication processing.

              Unassigned Unassigned
              laughingman7743 Tomoyuki Nakamura (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: