google-cloud-pubsub

How to use workload identity with GCP pubsub python client?


I am trying to use google-cloud-pubsub python client. All of the examples I have seen so far only seem to use key.json file for a specific service account. Is there a way to use GCP workload identity with this client library?


Solution

  • PubSub python client library supports various authentication methods and it is available from the google-auth library. You can authenticate using gcp workload identity federation and no service account key involved. Here is the documentation for different Workload identity pool providers that google supports and also refers to this stack link.