Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-4301

Enable WIF support for CloudSQL in Quay on GCP

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • Quay
    • False
    • None
    • False
    • Not Selected
    • x86_64

      1. Proposed title of this feature request
      Enable WIF support for CloudSQL used by Quay in GCP

      2. What is the nature and description of the request?
      Enable Workload identity federation support for Quay in GCP.

      Quay (and Clair) would need to support WIF for both:

      CloudSQL (PSQL) for the Database

      3. Why does the customer need this? (List the business requirements here)
      Per customers organization policy they need to leverage zero trust capabilities of GCP were available, not being able to use WIF would force the customer to create a GCP service accounts keys, and/or HMAC keys, thus we are blocked from moving forward with deploying Red Hat Quay.

      4. List any affected packages or components.
      Quay
      WIF

      https://cloud.google.com/iam/docs/workload-identity-federation
      https://docs.openshift.com/container-platform/4.10/authentication/understanding-identity-provider.html

              DanielMesser Daniel Messer
              rhn-support-bsmitley Brandon Smitley
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: