mirror of
https://git.mirrors.martin98.com/https://github.com/ceph/ceph-csi.git
synced 2025-08-05 05:10:39 +08:00
4f0bb2315b
With Amazon STS and kubernetes cluster is configured with OIDC identity provider, credentials to access Amazon KMS can be fetched using oidc-token(serviceaccount token). Each tenant/namespace needs to create a secret with aws region, role and CMK ARN. Ceph-CSI will assume the given role with oidc token and access aws KMS, with given CMK to encrypt/decrypt DEK which will stored in the image metdata. Refer: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html Resolves: #2879 Signed-off-by: Rakshith R <rar@redhat.com>
17 lines
411 B
Go
17 lines
411 B
Go
// Copyright 2017, The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
//go:build purego
|
|
// +build purego
|
|
|
|
package cmp
|
|
|
|
import "reflect"
|
|
|
|
const supportExporters = false
|
|
|
|
func retrieveUnexportedField(reflect.Value, reflect.StructField, bool) reflect.Value {
|
|
panic("no support for forcibly accessing unexported fields")
|
|
}
|