datashim
datashim copied to clipboard
support IBM Cloud IAM API Key instead of HMAC keypair when configuring COS bucket as dataset
The use case is about working with data on IBM COS. I followed the guide here: https://github.com/IBM/dataset-lifecycle-framework/wiki/Data-Volumes-for-Notebook-Servers#create-a-dataset-for-the-s3-bucket
where it creates a COS bucket, it needs:
apiVersion: com.ie.ibm.hpsys/v1alpha1
kind: Dataset
metadata:
name: your-dataset
spec:
local:
type: "COS"
accessKeyID: "access_key_id"
secretAccessKey: "secret_access_key"
endpoint: "https://YOUR_ENDPOINT"
bucket: "YOUR_BUCKET"
region: "" #it can be empty
Which requires a service credential to be created.
I wonder if it can support creating dataset via:
apiVersion: com.ie.ibm.hpsys/v1alpha1
kind: Dataset
metadata:
name: your-dataset
spec:
local:
type: "COS"
ibm_cloud_iam_apikey: "<base64 encoded api key>"
bucket: "YOUR_BUCKET"
region: "" #it can be empty
Which will make COS admin's life much easier since it can delegate secret management/rotate to IBM Cloud IAM.