[jira] [Commented] (SOLR-15501) GCSBackupRepository - allow bucket connection without credentials

Mon, 09 Aug 2021 13:53:04 -0700 


    [ 
https://issues.apache.org/jira/browse/SOLR-15501?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17396279#comment-17396279
 ] 

Jason Gerlowski commented on SOLR-15501:
----------------------------------------

There's definitely no support for that today.  If you want to backup to GCS you 
need an account key currently, unfortunately.

To be honest I'm unfamiliar with the roles and rights assignment aspect of GCP 
you mentioned - do you have a pointer so I could catch up on how that'd work 
for backups?  Personally I'd be happy to review and merge an improvement here 
if the feature makes sense, I just don't know much about it.

> GCSBackupRepository - allow bucket connection without credentials
> -----------------------------------------------------------------
>
>                 Key: SOLR-15501
>                 URL: https://issues.apache.org/jira/browse/SOLR-15501
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: SolrCloud
>    Affects Versions: 8.9
>            Reporter: Jacek Kikiewicz
>            Priority: Minor
>
> As per documentation: 
> [https://solr.apache.org/guide/8_9/making-and-restoring-backups.html#gcsbackuprepository]
>  states that:
> ??{{gcsCredentialPath}}A path on the local filesystem (accessible by Solr) to 
> a [Google Cloud service account 
> key|https://cloud.google.com/iam/docs/creating-managing-service-account-keys] 
> file. If not specified, GCSBackupRepository will use the value of the 
> {{GCS_CREDENTIAL_PATH}} environment variable. If both values are absent, an 
> error will be thrown as GCS requires credentials for most usage.??
> This however makes it more complicated if someone (like me) runs solr in GCP 
> and uses roles for rights assignment. Long story short, would it be possible 
> to allow built-in roles (so credentialless) to access resources without 
> providing any creds?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to