Is your feature request related to a problem? Please describe.
We run some workloads on AWS Fargate, and these workloads communicate with BigQuery. At the moment we can't use Workload Identity Federation because Fargate has neither a metadata endpoint nor environment variables like AWS_ACCESS_KEY or AWS_SECRET_ACCESS_KEY; on Fargate, credentials are obtained using the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI.
So we have to provision service account keys, secure them, rotate them, etc.
Describe the solution you'd like
I'd like to use Workload Identity Federation and not worry about service account keys.
Describe alternatives you've considered
Running EC2 instead of Fargate
Additional context
There are some workarounds on the internet, like https://stackoverflow.com/questions/70194948/connection-error-from-aws-fargete-to-gcp-bigquery-by-using-workload-identity (for Python). They all require patching auth logic.
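The credential lookup described in the request, as an added example that is not part of the original issue or of any library's code: it reads AWS_CONTAINER_CREDENTIALS_RELATIVE_URI, fetches the temporary task-role credentials, and returns them under the standard AWS SDK variable names. It assumes the ECS task credentials endpoint at 169.254.170.2 and its JSON field names; `fetch_task_credentials` is a hypothetical helper and all sample values are constructed.

```python
import json
import os
import urllib.request
from datetime import datetime, timezone

# Link-local address of the ECS/Fargate task credentials endpoint.
ECS_CREDENTIALS_HOST = "http://169.254.170.2"


def _http_get(url, timeout=2.0):
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def fetch_task_credentials(environ=os.environ, http_get=_http_get, now=None):
    """Hypothetical helper: return (credentials, expiry) for the task role."""
    relative_uri = environ.get("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI")
    if not relative_uri:
        raise RuntimeError("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is not set")
    # The value must be a path; without the leading "/" it could be
    # parsed as userinfo/host and send the request somewhere else.
    if not relative_uri.startswith("/"):
        raise ValueError("unexpected credentials URI: %r" % relative_uri)
    doc = json.loads(http_get(ECS_CREDENTIALS_HOST + relative_uri))
    expires = datetime.fromisoformat(doc["Expiration"].replace("Z", "+00:00"))
    if expires <= (now or datetime.now(timezone.utc)):
        raise RuntimeError("task credentials have already expired")
    # Temporary credentials: the session token is required alongside the keys.
    creds = {
        "AWS_ACCESS_KEY_ID": doc["AccessKeyId"],
        "AWS_SECRET_ACCESS_KEY": doc["SecretAccessKey"],
        "AWS_SESSION_TOKEN": doc["Token"],
    }
    return creds, expires


if __name__ == "__main__":
    # Constructed response so the example runs outside Fargate.
    sample = json.dumps({"AccessKeyId": "ASIAEXAMPLEEXAMPLE",
                         "SecretAccessKey": "constructed-secret",
                         "Token": "constructed-token",
                         "Expiration": "2099-01-01T00:00:00Z"})
    env = {"AWS_CONTAINER_CREDENTIALS_RELATIVE_URI": "/v2/credentials/constructed-id"}
    creds, expires = fetch_task_credentials(env, http_get=lambda url: sample)
    print(sorted(creds), expires.isoformat())
```

The returned expiry lets the caller refresh before the credentials lapse, which is why they should be re-fetched rather than cached for the life of the task.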