I am using Google Cloud Workflows to call a BigQuery stored procedure and am using the http.post function in order to do so by calling the bigquery API:
- postCallMyStoredProc:
call: http.post
args:
url: https://bigquery.googleapis.com/bigquery/v2/projects/myproject/jobs
body: {
"configuration": {
"query": {
"query": "call mydataset.my-stored-procedure()",
"useLegacySql": false
}
}
}
auth:
type: OAuth2
I am interested to know what information can be supplied for the auth argument, the documentation at https://cloud.google.com/workflows/docs/reference/stdlib/http/post is rather lacking in this regard. All it states is:
auth : Optional authentication properties. If present, must be a dictionary, with type attribute in ["OIDC", "OAuth2"].
It doesn't tell me in what circumstance each of those options (OIDC or OAuth2) should be used.
My reason for asking is that the stored procedure is getting executed as the service account that my workflow is running as - which makes complete sense of course. I would like to know if there is a way to specify a different service account for my postCallMyStoredProc step using the auth argument?
Upon reading https://cloud.google.com/workflows/docs/authentication#making_authenticated_requests it seems that the answer to my question is “no”.