You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is possible to configure S3 stores to make use of STS to gain temporary S3 credentials.
This is used when integrating into protocols such as OpenID connect or SAML into S3.
In order to support STS we require that the Quay code accepts a S3 Security Token.
We then also need to cycle the credentials on a continued basis.
The operator is a good fit for this as it can watch for when the token is going to expire, retrieve a new token from the OpenID connect provider, create the temporary credentials, inject these as a secret, instruct Quay to reload its secret.
The text was updated successfully, but these errors were encountered:
It is possible to configure S3 stores to make use of STS to gain temporary S3 credentials.
This is used when integrating into protocols such as OpenID connect or SAML into S3.
In order to support STS we require that the Quay code accepts a S3 Security Token.
We then also need to cycle the credentials on a continued basis.
The operator is a good fit for this as it can watch for when the token is going to expire, retrieve a new token from the OpenID connect provider, create the temporary credentials, inject these as a secret, instruct Quay to reload its secret.
The text was updated successfully, but these errors were encountered: