magpie icon indicating copy to clipboard operation
magpie copied to clipboard

Published 20 hours ago verified publisher icon openraven

Add nascent injected credential provider support

Open oferrigni opened this issue 2 years ago • 1 comments

This PR modifies the call chain for discover to add an injected google Credential Provider. This provider will supply credentials to a given discovery run for situations where the GOOGLE_APPLICATION_CREDENTIALS env var is not suitable for authentication.

Assigning to @kickroot and @tg0uld for triage? Apologies if incorrect.

I've tested iam discovery delivering to kafka configured in code.

I think the resourceType representation should be revisited. "GCP::Iam::Role" is mirroring the cloudformation notation used in AWS. That doesn't feel like a google resourceType, but an AWS resource type representing google (if you see my confusion). Since this PR already touches every discovery service, it is a timely moment to address this.

I belive @cwebberOps should be consulted. Also MD, but I can't seem to find his github handle.

oferrigni avatar Oct 14 '22 22:10 oferrigni

@oferrigni please feel free to modify the IAM resourceType as needed.

Finally, please double check your IDE indentation settings. I'm seeing what looks like 4 spaces when the convention is 2.

Thanks!

kickroot avatar Oct 17 '22 14:10 kickroot