Add support for custom AWS STS endpoint for bucket/S3 source
bdalpe opened this issue · 3 comments
bdalpe commented
This would enable usage of MinIO STS auth
stefanprodan commented
We support OIDC auth for AWS, Azure and GCP, docs here: https://fluxcd.io/flux/components/source/buckets/#provider
Is this feature request for MinIO own implementation?
scmeli commented
The MinIO credentials package already supports a custom STS endpoint, so I think the request is to add it to the bucket.Spec and pass to the minio wrapper:
} else if bucket.Spec.Provider == sourcev1.AmazonBucketProvider {
- opt.Creds = credentials.NewIAM("")
+ opt.Creds = credentials.NewIAM(bucket.Spec.STSEndpoint)
}
bdalpe commented
@scmeli is correct, this request is to expose the STS endpoint configuration to accept custom values.
This is relevant for MinIO, but also for AWS especially when running in a VPC an interface endpoint for STS or wanting to use the regional STS endpoints.