Skip to content

Storage: add support for signing URLs using IAM / tokens. #7627

Closed
#9889
Closed
Storage: add support for signing URLs using IAM / tokens.#7627
#9889
Assignees
HemangChothani
Labels
api: storageIssues related to the Cloud Storage API.help wantedWe'd love to have community involvement on this issue.type: feature request‘Nice-to-have’ improvement, new feature or different behavior or design.
@tseaver

Description

@tseaver
tseaver
opened on Apr 1, 2019

/cc @frankyn. Follow-on from PR #7460; see also issue #922.

Currently, Blob.generate_signed_url can only be used where the blob's client has tokens which support signing (i.e., service accounts, GAE accounts). Although such credentials are widespread, they are not ubiquitous: in particular, the default credentials available on GCE do not support signing.

An alternate implementation is available using the IAM service and access tokens. For an outline, see the Ruby PoC for V4 signing.

For this issue, please adapt that implementation for both V2 and V4 signed URLs.

Metadata

Metadata

Assignees

Labels

api: storageIssues related to the Cloud Storage API.help wantedWe'd love to have community involvement on this issue.type: feature request‘Nice-to-have’ improvement, new feature or different behavior or design.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions