[
https://issues.apache.org/jira/browse/SOLR-15501?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17456403#comment-17456403
]
Jacek Kikiewicz edited comment on SOLR-15501 at 12/9/21, 12:42 PM:
-------------------------------------------------------------------
Hi [~gerlowskija] - first, sorry for such a massive delay.
So, on internal GCP resources there is so called 'metaserver' which is
accessible on VMs etc more about metaserver is here:
[https://cloud.google.com/appengine/docs/standard/java/accessing-instance-metadata]
, it's possible to fetch token from there:
!image-2021-12-09-13-42-23-536.png!
If however google libraries are used, this is done automatically 'in the
background' if no credentials are given.
was (Author: jaceq):
Hi [~gerlowskija] - first, sorry for such a massive delay.
So, on internal GCP resources there so called 'metaserver' which is accessible
on VMs etc more about metaserver is here:
[https://cloud.google.com/appengine/docs/standard/java/accessing-instance-metadata]
, it's possible to fetch token from there:
!image-2021-12-09-13-42-23-536.png!
If however google libraries are used, this is done automatically 'in the
background' if no credentials are given.
> GCSBackupRepository - allow bucket connection without credentials
> -----------------------------------------------------------------
>
> Key: SOLR-15501
> URL: https://issues.apache.org/jira/browse/SOLR-15501
> Project: Solr
> Issue Type: Improvement
> Components: SolrCloud
> Affects Versions: 8.11
> Reporter: Jacek Kikiewicz
> Priority: Minor
> Attachments: image-2021-12-09-13-42-23-536.png
>
>
> As per documentation:
> [https://solr.apache.org/guide/8_9/making-and-restoring-backups.html#gcsbackuprepository]
> states that:
> ??{{gcsCredentialPath}}A path on the local filesystem (accessible by Solr) to
> a [Google Cloud service account
> key|https://cloud.google.com/iam/docs/creating-managing-service-account-keys]
> file. If not specified, GCSBackupRepository will use the value of the
> {{GCS_CREDENTIAL_PATH}} environment variable. If both values are absent, an
> error will be thrown as GCS requires credentials for most usage.??
> This however makes it more complicated if someone (like me) runs solr in GCP
> and uses roles for rights assignment. Long story short, would it be possible
> to allow built-in roles (so credentialless) to access resources without
> providing any creds?
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
