How to authenticate without the .json.keyfile configuration #1528

@olefSch

Description

I am looking for a way to connect securely from my Azure Databricks workspace to our Google Cloud Storage in a GCP project.

The current option is the following configuration via the keyfile:

# Point the GCS connector at a service-account keyfile on disk
spark.sparkContext._jsc.hadoopConfiguration().set(  # type: ignore
    "google.cloud.auth.service.account.json.keyfile", file_var_for_path
)

Other options I saw were the following:

spark.hadoop.google.cloud.auth.service.account.enable.<bucket-name> true
spark.hadoop.fs.gs.auth.service.account.email.<bucket-name> <client-email>
spark.hadoop.fs.gs.project.id.<bucket-name> <project-id>
spark.hadoop.fs.gs.auth.service.account.private.key.<bucket-name> {{secrets/scope/gsa_private_key}}
spark.hadoop.fs.gs.auth.service.account.private.key.id.<bucket-name> {{secrets/scope/gsa_private_key_id}}
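For context, here is a minimal sketch of how I could assemble those per-bucket properties in code rather than in the UI, pulling the key material from a secret store (e.g. `dbutils.secrets.get` on Databricks) instead of a keyfile. The helper name `build_gcs_bucket_conf` and all the placeholder values are my own illustration, not an official API:

```python
# Sketch: build the per-bucket GCS Hadoop properties as a plain dict so they
# can be applied programmatically (cluster spark conf, cluster policy, or a
# notebook) instead of maintaining a keyfile on disk.
# The helper name and its arguments are illustrative, not an official API.

def build_gcs_bucket_conf(bucket, project_id, client_email,
                          private_key, private_key_id):
    prefix = "spark.hadoop"
    return {
        f"{prefix}.google.cloud.auth.service.account.enable.{bucket}": "true",
        f"{prefix}.fs.gs.auth.service.account.email.{bucket}": client_email,
        f"{prefix}.fs.gs.project.id.{bucket}": project_id,
        f"{prefix}.fs.gs.auth.service.account.private.key.{bucket}": private_key,
        f"{prefix}.fs.gs.auth.service.account.private.key.id.{bucket}": private_key_id,
    }

# On Databricks the sensitive values would come from a secret scope, e.g.:
#   private_key = dbutils.secrets.get("scope", "gsa_private_key")
conf = build_gcs_bucket_conf(
    "my-bucket",
    "my-project",
    "sa@my-project.iam.gserviceaccount.com",
    "<private-key>",
    "<private-key-id>",
)
# Applying the dict, e.g. at cluster configuration time or via:
#   for key, value in conf.items():
#       spark.conf.set(key, value)
```

This keeps the setup as code, but it still means juggling several secrets per bucket, which is what I was hoping to avoid.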

Is there any way to do this smoothly without having multiple environment variables to maintain, or a keyfile that we need to store somewhere? Having to store the keyfile, even temporarily, is not ideal. I also do not like setting up the bucket connection via the UI, because I want to keep things as code.

I hope there is a clean and smooth solution for this.
Thanks already for the help.

PS: Hopefully right place to ask
