Add ability to chain roles for assume role in cloud storage and KMS #81453
Assignees
Labels
A-disaster-recovery
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
T-disaster-recovery
Comments
rhu713
added
C-enhancement
|
cc @cockroachdb/bulk-io |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
For the CC CMEK project, the design requires that the assume role authorization for KMS to be able chain assume a list of specified roles/service accounts.
Though the project doesn't require chain role auth for cloud storage, it should be straightforward to implement this chaining in order to maintain API consistency as well.
Describe the solution you'd like
Implement chaining for assume role in AWS and GCP.
Describe alternatives you've considered
Additional context
Jira issue: CRDB-15175
Epic CRDB-15037
The text was updated successfully, but these errors were encountered: