Thread
#data-architecture-discussion
    c

    Comte Frédéric

    1 month ago
    I mean having an endpoint to get temporary access to lakeFS with oidc ?
    Adi Polak

    Adi Polak

    1 month ago
    Hi @Comte Frédéric 👋 lakeFS release - v0.70.1 support OIDC as default login (#3617), is that what you were looking for?
    c

    Comte Frédéric

    1 month ago
    nop
    <http://minio.cluster:9000?Action=AssumeRoleWithWebIdentity&DurationSeconds=3600&WebIdentityToken=eyJ4NXQiOiJOVEF4Wm1NeE5ETXlaRGczTVRVMVpHTTBNekV6T0RKaFpXSTRORE5sWkRVMU9HRmtOakZpTVEiLCJraWQiOiJOVEF4Wm1NeE5ETXlaRGczTVRVMVpHTTBNekV6T0RKaFpXSTRORE5sWkRVMU9HRmtOakZpTVEiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJQb0VnWFA2dVZPNDVJc0VOUm5nRFhqNUF1NVlhIiwiYXpwIjoiUG9FZ1hQNnVWTzQ1SXNFTlJuZ0RYajVBdTVZYSIsImlzcyI6Imh0dHBzOlwvXC9sb2NhbGhvc3Q6OTQ0M1wvb2F1dGgyXC90b2tlbiIsImV4cCI6MTU0MTgwOTU4MiwiaWF0IjoxNTQxODA1OTgyLCJqdGkiOiI2Y2YyMGIwZS1lNGZmLTQzZmQtYTdiYS1kYTc3YTE3YzM2MzYifQ.Jm29jPliRvrK6Os34nSK3rhzIYLFjE__zdVGNng3uGKXGKzP3We_i6NPnhA0szJXMOKglXzUF1UgSz8MctbaxFS8XDusQPVe4LkB_45hwBm6TmBxzui911nt-1RbBLN_jZIlvl2lPrbTUH5hSn9kEkph6seWanTNQpz9tNEoVa6R_OX3kpJqxe8tLQUWw453A1JTwFNhdHa6-f1K8_Q_eEZ_4gOYINQ9t_fhTibdbkXZkJQFLop-Jwoybi9s4nwQU_dATocgcufq5eCeNItQeleT-23lGxIz0X7CiJrJynYLdd-ER0F77SumqEb5iCxhxuf4H7dovwd1kAmyKzLxpw&Version=2011-06-15>
    this kind of request to get S3 session token
    Itai Admi

    Itai Admi

    1 month ago
    Hi Comte, lakeFS uses the golang AWS sdk which supports web identity role assumption out of the box. There's no special handling needed in lakeFS to support that. If something isn't working, make sure the proper AWS env vars are being passed to lakeFS so that the sdk knows where to pick up the tokens from.
    c

    Comte Frédéric

    1 month ago
    As a user of lakefs i can do that : https://lakefs/?action=AssumeRolewithIdentity?
    there is an sts endpoint in lakefs ?
    Itai Admi

    Itai Admi

    1 month ago
    Oh sorry, I thought you meant configurating lakeFS to authenticate to AWS using assuming role. lakeFS doesn't have an STS endpoint. Would you mind opening a github issue with the feature request and the use case so that we can prioritize it? 🙂
    c

    Comte Frédéric

    1 month ago
    I can open a github issue. But i have no use case. I am a minio user and I use a lot this STS endpoint