Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-57643

[CBBS] Encrypted backups section should expose authentication options for GCP and Azure

    XMLWordPrintable

Details

    Description

      What is the problem?

      For AWS you can pass a secret ID and token through the backup service API to authenticate with their KMS. For GCP and Azure you cannot use these options however - they require either environment variables (GOOGLE_APPLICATION_CREDENTIALS or AZURE_AUTH_LOCATION for GCP and Azure respectively) or --km-auth-file (just GCP).

      What is the solution?

      We should at least expose --km-auth-file. Azure is trickier as it relies completely on environment variables. 

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. MB-57671 [CBM] Allow --km-auth-file to be passed for Azure

          • Major - Major loss of function.
          • Closed
          For Gerrit Dashboard: MB-57643
          # Subject Branch Project Status CR V
          193378,6 MB-57643 Allow authentication file to be specified for KMS master cbbs Status: MERGED +2 +1
          193379,8 MB-57643 Expose KMS auth file as an option in the UI master cbbs Status: MERGED +2 +1
          193814,2 MB-57643 Allow tenant ID to be passed for KMS master cbbs Status: MERGED +2 +1
          193815,2 MB-57643 Expose KMS tenant ID in UI master cbbs Status: MERGED +2 +1

          Activity

            People

              gilad.kalchheim Gilad Kalchheim
              Matt.Hall Matt Hall
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty