Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Tell us about the feature
The pgbackrest configuration could potentially benefit of having extra flags "-repo-s3-key-type" & "-repo-s3-role" available in cr.yaml.
Example use case is when the PGO is deployed in AWS EKS environment. If there is a S3 IAM role which is attach to the EC2 instances part of the k8s cluster. Then having this two flags, will enable the use of AWS IAM role to provide access to the S3 bucket (for storing backups), without the need of creating and providing dedicated AWS IAM User. In short it will simplify greatly the deployment process in AWS. I believe the same is true for GCP, but I can not confirm for sure.
UPD:
This ticket might not have the same solution as described above, but the problem remains: it is not possible to use various cloud mechanisms to authenticate on the object storage. For example, AWS IAM role to auth on S3 bucket.
Community Note
Tell us about the feature
The pgbackrest configuration could potentially benefit of having extra flags "-repo-s3-key-type" & "-repo-s3-role" available in cr.yaml.
Example use case is when the PGO is deployed in AWS EKS environment. If there is a S3 IAM role which is attach to the EC2 instances part of the k8s cluster. Then having this two flags, will enable the use of AWS IAM role to provide access to the S3 bucket (for storing backups), without the need of creating and providing dedicated AWS IAM User. In short it will simplify greatly the deployment process in AWS. I believe the same is true for GCP, but I can not confirm for sure.
UPD:
This ticket might not have the same solution as described above, but the problem remains: it is not possible to use various cloud mechanisms to authenticate on the object storage. For example, AWS IAM role to auth on S3 bucket.
Link to JIRA