cloud credentials for backup in k8s operator - feature request

I did not find the Jira project or GitHub repo to ask for a feature request, so I am writing it here…

if storageSpec.S3.CredentialsSecret == "" {
    return nil, fmt.Errorf("no credentials specified for the secret name %s", storageName)
}

It would be nice not to return an error when no s3.credentials is set for a cluster hosted on a cloud provider. AWS has the ability to get temporary credentials using the role attached to a pod. It is a more secure and flexible way of dealing with credentials. The creds should be renewed on every scheduled run using an API call to STS. Maybe add another field in the storage config, to have something like this:
storages:
  s3-backup-bucket:
    type: "s3"
    s3:
      bucket: {{ .Values.backup.storages.s3BackupStorage.s3.bucketName }}
      region: {{ .Values.backup.storages.s3BackupStorage.s3.region }}
      cloud: "AWS"

and in pkg/psmdb/backup/agent.go

if storageSpec.S3.cloud == "AWS" {
    // some_logic
} else if storageSpec.S3.cloud == "Other_cloud" {
    // some_logic2
} else if storageSpec.S3.cloud == "" {
    if storageSpec.S3.CredentialsSecret == "" {
        return nil, fmt.Errorf("no credentials specified for the secret name %s", storageName)
    }
}
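The decision proposed in the post above, as an added Go example that is not part of the original post or the operator's code: an explicit secret wins, cloud "AWS" is accepted only when the pod really has a role attached, and everything else fails closed. The S3Spec type, the Cloud field, ResolveCredSource and the sample environment are hypothetical; it assumes EKS IAM roles for service accounts, which set AWS_ROLE_ARN and AWS_WEB_IDENTITY_TOKEN_FILE in the pod.

```go
package main

import (
	"errors"
	"fmt"
)

// S3Spec mirrors the storage fields from the post; Cloud is the proposed
// (hypothetical) field, not part of the operator's API.
type S3Spec struct {
	Bucket, Region, CredentialsSecret, Cloud string
}

// CredSource says where the backup agent should obtain S3 credentials.
type CredSource string

const (
	FromSecret  CredSource = "secret"       // static keys from a Kubernetes Secret
	FromPodRole CredSource = "web-identity" // temporary keys from STS via the pod's role
)
var ErrNoCredentials = errors.New("no credentials specified")

// ResolveCredSource picks the credential source for one storage.
// getenv is injected so the decision can be tested without a real pod.
func ResolveCredSource(name string, s S3Spec, getenv func(string) string) (CredSource, error) {
	if s.CredentialsSecret != "" {
		return FromSecret, nil // an explicit secret always wins
	}
	switch s.Cloud {
	case "AWS":
		// Assumption: both variables are present when a role is bound to the service account.
		if getenv("AWS_ROLE_ARN") == "" || getenv("AWS_WEB_IDENTITY_TOKEN_FILE") == "" {
			return "", fmt.Errorf("storage %s: cloud is AWS but no role is attached to the pod: %w", name, ErrNoCredentials)
		}
		return FromPodRole, nil
	case "":
		return "", fmt.Errorf("storage %s: %w", name, ErrNoCredentials)
	default:
		return "", fmt.Errorf("storage %s: unsupported cloud %q", name, s.Cloud)
	}
}

func main() {
	env := map[string]string{ // constructed sample environment
		"AWS_ROLE_ARN":                "arn:aws:iam::111122223333:role/example-backup",
		"AWS_WEB_IDENTITY_TOKEN_FILE": "/var/run/secrets/eks.amazonaws.com/serviceaccount/token",
	}
	src, err := ResolveCredSource("s3-backup-bucket", S3Spec{Cloud: "AWS"}, func(k string) string { return env[k] })
	fmt.Println(src, err)
}
```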

Thanks for this, I have brought it to the attention of the team, and I’m finding out if there’s a Jira project for these requests. I’ll report back if I find one.

OK, found it (I was being slow…!) Here’s the Jira project, and we’d be happy for you to create a feature request there

https://jira.percona.com/projects/K8SPSMDB/issues/K8SPSMDB-176?filter=allopenissues

Thank you.
The feature request: https://jira.percona.com/projects/K8SPSMDB/issues/K8SPSMDB-185?filter=allissues

Great, thank you Oleksii, appreciated!