I need to publish messages to Google Cloud Pub/Sub without using OAuth or the Google SDK, but an Api Key instead (Similar to "how to publish to pub/sub with just an api key").
There is a guide on medium on how to secure Push Subscriptions, but I could not figure out how to configure Endpoints in a way so I can send a pub/sub publish request with just an api key.
Could you please share a matching example Endpoints configuration (yaml file)?
The article you are referring to in your post is about how to secure the destination endpoint (Calling from Pub/Sub using the push subscription), not how to secure Pub/Sub itself from HTTP Request.
If you have the need to Call Pub/Sub without use OAuth (using API Key instead) unfortunately is not out of the box and you need to implement some pieces.
Referring to the official documentation: https://cloud.google.com/pubsub/docs/authentication "Cloud Pub/Sub does not support API keys as an authentication method."
If you want to achieve this goal:
You need to create a Backend in front of Pub/Sub, put Cloud Endpoints (With an ESP https://cloud.google.com/endpoints/docs/openapi/deploy-api-backend) in front of the Backend with API Key security configured in the openapi.yaml and from the Backend make a call to Pub/Sub.
HTTP Request -> Cloud Endpoint (ESP in Compute Engine, App Engine, GKE, etc) -> Backend (Compute Engine, App Engine, GKE, etc) -> Pub/Sub
You can review the documentation of Cloud Endpoints (https://cloud.google.com/endpoints/docs) if you need more information about how to make the implementation.
