Open Ruthwik opened 3 months ago
I am also facing the similar issue. Did you find any solution?
I don't think this can be done through grpc, see. However, I do think this could be done using our REST transport. You should be able to configure a client to use mTLS or use the agent parameter like bigquery. In order to do this you'll need to instantiate using the googleapis library, like so:
const {google} = require('googleapis/cloudkms');
const cloudkms = google.cloudkms('v1');
and in the request, you can send a second parameter (options) that extends GaxiosOptions
@Ruthwik did this work for you?
@sofisl I will post here once I try these changes. It requires a change of our current libraries.
'@google-cloud/kms'
Is it also the same for monitoring client? '@google-cloud/monitoring'
We are using Nodejs MetricServiceClient/KeyManagementServiceClient client in our product. How do we enable server certificate verification in the MetricServiceClient/KeyManagementServiceClient client? We want to enable client-side verification of server certificates with our CA bundle. We've explored the options of MetricServiceClient/KeyManagementServiceClient but couldn't find any.
In the case of other cloud providers we have found a way to pass the CA bundle in the options where the client verifies.
Example for AWS
In the above example, If rejectUnauthorized is true the server will reject any connection which is not authorized with the list of supplied CAs. I also found the it is different for services and client in google nodejs SDK.
@beccasaurus @blowmage