[ https://issues.apache.org/jira/browse/JCLOUDS-1585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17654128#comment-17654128 ]
Eron Wright commented on JCLOUDS-1585: -------------------------------------- This issue seems like a significant usability and security problem, see the [Google Cloud documentation|https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#alternatives_to] which says: {quote}Workload Identity is the recommended way for your workloads running on Google Kubernetes Engine (GKE) to access Google Cloud services in a secure and manageable way. Note: We recommend that you use Workload Identity because the alternatives (e.g. using a service account key) require you to make security compromises. {quote} > Unable to use Google Cloud Storage provider inside a Google Cloud environment > ----------------------------------------------------------------------------- > > Key: JCLOUDS-1585 > URL: https://issues.apache.org/jira/browse/JCLOUDS-1585 > Project: jclouds > Issue Type: Bug > Components: jclouds-blobstore, jclouds-labs-google > Affects Versions: 2.4.0 > Environment: Google dataproc cluster with 1.5-ubuntu18 image version > Reporter: Alexis BRENON > Priority: Major > Labels: GCP > > To generate a Google Storage blobstore, user needs to pass credentials > composed of identity and private key. > However, when running the application inside a Google Cloud environment > (Compute Engine, Dataproc, etc.) these credentials are not available and > suitable creadentials can be fetched through [Application Default Credentials > library|https://cloud.google.com/docs/authentication/production#automatically]. > This bug prevents anyone to use the GCSÂ blobstore inside GCP environment as > already reported on > [StackOverflow|https://stackoverflow.com/q/56279711/4373898]. -- This message was sent by Atlassian Jira (v8.20.10#820010)