Uploaded image for project: 'Observability and Data Analysis Program'
  1. Observability and Data Analysis Program
  2. OBSDA-873

Short lived token authentication for Tempo

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhosdt-3.5
    • None
    • PM Tracing
    • None
    • False
    • None
    • False
    • Not Selected
    • 0
    • 100% To Do, 0% In Progress, 0% Done

      Proposed title of this feature request

      Support following short lived object storage token authentication:

       

      Feature parity with Loki: https://loki-operator.dev/docs/short_lived_tokens_authentication.md/#gcp-workload-identity-federation 

       

      What is the nature and description of the request?

      As it happened in OBSDA-794 for AWS S3, Tempo supports AWS S3 access via access key and secret key. To access S3, we typically create a secret in OpenShift containing these keys. However, the customer's SIEM team does not permit storing secrets locally on the cluster.

      While this is alreaady solved for S3, we need to fix this of other cloud providers: GCP and Azure.

      Check:https://github.com/grafana/tempo-operator/issues/956 

              rh-ee-jgomezse Jose Gomez-Selles
              rh-ee-jgomezse Jose Gomez-Selles
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: