Skip to content

oss: Add sdk_auth config to support more authentication methods #198

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

oss: Add sdk_auth config to support more authentication methods #198

wants to merge 3 commits into from
+278 −10

Conversation

@mozillazg
Copy link

@mozillazg mozillazg commented Jul 26, 2025
edited
Loading

  • I added CHANGELOG entry for this change.
  • Change is not relevant to the end user.

Changes

Introduces the sdk_auth: true configuration option.

When enabled, the application will use the Alibaba Cloud SDK's default credential provider to obtain credentials. This allows for keyless authentication methods such as RRSA (for Kubernetes) and IMDS (for ECS instances), improving security by avoiding hardcoded keys.

Closes #151

Verification

mozillazg added 3 commits July 26, 2025 06:11
@mozillazg
oss: Add sdk_auth config to support more authentication methods
8b798be 
Introduces the `sdk_auth: true` configuration option.

When enabled, the application will use the Alibaba Cloud SDK's default credential provider to obtain credentials.
This allows for keyless authentication methods such as RRSA (for Kubernetes) and IMDS (for ECS instances),
improving security by avoiding hardcoded keys.

Signed-off-by: mozillazg <[email protected]>
@mozillazg
fix lint
23196e3 
Signed-off-by: mozillazg <[email protected]>
@mozillazg
update changelog
bcc00df 
Signed-off-by: mozillazg <[email protected]>
@sousa-miguel
Copy link

sousa-miguel commented Oct 30, 2025

Hey @mozillazg, what is missing on this PR? Maybe I can assist here.
We are starting to migrate stuff from aws-cn to alicloud and this feature would be handy :)

@mozillazg
Copy link
Author

mozillazg commented Nov 4, 2025

Hey @mozillazg, what is missing on this PR? Maybe I can assist here.

We are starting to migrate stuff from aws-cn to alicloud and this feature would be handy :)

@sousa-miguel I do not have time to test it yet. do you have any time to help me with testing? thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Thanos OSS(Aliyun) provider does not support IAM(RAM) role

2 participants

@mozillazg @sousa-miguel