diff options
Diffstat (limited to 'doc/administration/object_storage.md')
-rw-r--r-- | doc/administration/object_storage.md | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/administration/object_storage.md b/doc/administration/object_storage.md index 8576b429213..c6490e365a5 100644 --- a/doc/administration/object_storage.md +++ b/doc/administration/object_storage.md @@ -281,6 +281,9 @@ The service account must have permission to access the bucket. Learn more in Google's [Cloud Storage authentication documentation](https://cloud.google.com/storage/docs/authentication). +NOTE: +Bucket encryption with the [Cloud Key Management Service (KMS)](https://cloud.google.com/kms/docs) is not supported and will result in [ETag mismatch errors](#etag-mismatch). + ##### Google example (consolidated form) For Omnibus installations, this is an example of the `connection` setting: @@ -354,7 +357,7 @@ gitlab_rails['object_store']['connection'] = { 'provider' => 'AzureRM', 'azure_storage_account_name' => '<AZURE STORAGE ACCOUNT NAME>', 'azure_storage_access_key' => '<AZURE STORAGE ACCESS KEY>', - 'azure_storage_domain' => '<AZURE STORAGE DOMAIN>', + 'azure_storage_domain' => '<AZURE STORAGE DOMAIN>' } ``` @@ -682,6 +685,8 @@ With the consolidated object configuration and instance profile, Workhorse has S3 credentials so that it can compute the `Content-MD5` header. This eliminates the need to compare ETag headers returned from the S3 server. +Encrypting buckets with GCS' [Cloud Key Management Service (KMS)](https://cloud.google.com/kms/docs) is not supported and will result in ETag mismatch errors. + ### Using Amazon instance profiles Instead of supplying AWS access and secret keys in object storage |