Using jclouds to call GCE without supplying credentials (GoogleCredentialsFromJson not an option)


I'm able to successfully make GCP calls (e.g. list/create/delete instances) using jclouds, but I'm currently relying on GoogleCredentialsFromJson to supply the credentials. For security reasons (including auto rotation of credentials), I don't want to rely on that in production.

The VM from which I will be making the calls is already associated with a service account, so credentials should not be necessary. However, when I leave out what I thought was an optional Credentials Supplier, I get an error (property google-compute-engine.identity not present in properties). How do I go about wiring jclouds without pointing to credentials?

This works:

        final ContextBuilder contextBuilder = ContextBuilder.newBuilder(GCP_PROVIDER)
                .endpoint(gcpEndpoint)
                .overrides(overrides)
                .credentialsSupplier(newCredentialsSupplier(gcpCredentials))
                .modules(modulesSetBuillder.build());

This does not:

        final ContextBuilder contextBuilder = ContextBuilder.newBuilder(GCP_PROVIDER)
                .endpoint(gcpEndpoint)
                .overrides(overrides)
                .modules(modulesSetBuillder.build());

newCredentialsSupplier essentially just does this:

    // Simplified for this example
    private Supplier<Credentials> newCredentialsSupplier(String jsonCredentials) {
        return new GoogleCredentialsFromJson(jsonCredentials);
    }

I would ideally expect the second code snippet (which just leaves out the credentials supplier) to work, but I get this error instead:

    java.util.NoSuchElementException: property google-compute-engine.identity not present in properties: [jclouds.idempotent-methods, jclouds.user-threads, jclouds.template, jclouds.max-session-failures, oauth.endpoint, jclouds.google-compute-engine.image-projects, jclouds.google-compute-engine.operation-complete-timeout, jclouds.oauth.jws-alg, jclouds.max-connection-reuse, jclouds.endpoint, jclouds.connection-close-header, jclouds.googlecloud.project-name, jclouds.scheduler-threads, jclouds.build-version, jclouds.iso3166-codes, jclouds.google-compute-engine.operation-complete-interval, jclouds.so-timeout, jclouds.max-connections-per-host, jclouds.max-connections-per-context, jclouds.strip-expect-header, jclouds.regions, jclouds.api, jclouds.user-agent, jclouds.max-parallel-deletes, jclouds.oauth.audience, jclouds.api-version, jclouds.payloads.pretty-print, jclouds.connection-timeout, jclouds.provider, jclouds.session-interval]"}
There are 0 answers