cloud-sql-jdbc-socket-factory

SQL Driver should accept a service account (file) as property and not only as environment variable

Open choss opened this issue 3 years ago • 2 comments

Feature Description

We encountered a severe problem with our Java application built on the GCP Java client libraries, which connects from on-prem to several Cloud SQL Postgres instances.

We have the technical requirement that we need to connect to several Cloud SQL instances with different service accounts within one instance of our JVM application. This is impossible right now because:

  • Service account key files can only be set as environment variables
  • The JDBC core_socket_factory only supports one service account per instance [see 1, line 90]

We need these features included in the client library to move our project forward, ideally as soon as possible, as we are blocked at the moment.

Alternatives Considered

There is no real workaround for this issue.

Additional Context

Google support: Case 29094848

choss, Nov 22 '21 16:11

Hi @choss - Thanks for submitting a PR. Right now a lot of our team is OOO because of the upcoming US holiday, but next week we'll take a look and follow up with you.

kurtisvg, Nov 22 '21 21:11

Can you explain a little more about "technical requirement that we need to connect to several Cloud SQL instances with different service accounts within one instance of our JVM application"? This seems like an anti-pattern considering the IAM identity is supposed to represent the application, and fragmenting permissions for a singular entity across multiple identities only makes it harder to audit the permissions of the entity.

kurtisvg, Nov 29 '21 22:11

Closing this as stale. If there's still an interest in this feature, feel free to re-open with more context.

enocom, Nov 18 '22 18:11