Details
-
Improvement
-
Resolution: Fixed
-
Major
-
None
Description
What is the problem?
For AWS you can pass a secret ID and token through the backup service API to authenticate with their KMS. For GCP and Azure you cannot use these options however - they require either environment variables (GOOGLE_APPLICATION_CREDENTIALS or AZURE_AUTH_LOCATION for GCP and Azure respectively) or --km-auth-file (just GCP).
What is the solution?
We should at least expose --km-auth-file. Azure is trickier as it relies completely on environment variables.
Attachments
Issue Links
- relates to
-
MB-57671 [CBM] Allow --km-auth-file to be passed for Azure
- Closed
For Gerrit Dashboard: MB-57643 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
193378,6 | MB-57643 Allow authentication file to be specified for KMS | master | cbbs | Status: MERGED | +2 | +1 |
193379,8 | MB-57643 Expose KMS auth file as an option in the UI | master | cbbs | Status: MERGED | +2 | +1 |
193814,2 | MB-57643 Allow tenant ID to be passed for KMS | master | cbbs | Status: MERGED | +2 | +1 |
193815,2 | MB-57643 Expose KMS tenant ID in UI | master | cbbs | Status: MERGED | +2 | +1 |