Uploaded image for project: 'Distributed Tracing'
  1. Distributed Tracing
  2. TRACING-4517

Short lived token authentication for Tempo

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhosdt-3.5
    • None
    • None
    • None
    • Enable TLS for auto-instrumentation
    • 2
    • False
    • None
    • False
    • Not Selected
    • To Do
    • OBSDA-873 - Short lived token authentication for Tempo
    • OBSDA-873Short lived token authentication for Tempo
    • 100% To Do, 0% In Progress, 0% Done

      Proposed title of this feature request

      Support following short lived object storage token authentication:

       

      Feature parity with Loki: https://loki-operator.dev/docs/short_lived_tokens_authentication.md/#gcp-workload-identity-federation 

       

      What is the nature and description of the request?

      As it happened in OBSDA-794 for AWS S3, Tempo supports AWS S3 access via access key and secret key. To access S3, we typically create a secret in OpenShift containing these keys. However, the customer's SIEM team does not permit storing secrets locally on the cluster.

      While this is alreaady solved for S3, we need to fix this of other cloud providers: GCP and Azure.

      Check:https://github.com/grafana/tempo-operator/issues/956 

            rvargasp@redhat.com Ruben Vargas Palma
            rh-ee-jgomezse Jose Gomez-Selles
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: