Not possible to customize barbican policies

Bug #1843741 reported by Erlon R. Cruz on 2019-09-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Barbican Charm

Bug Description

In current charmed Barbican requires roles to function properly.
Unfortunately those roles have generic names which do not reflect the service they belong to:
admin, creator, observer, audit (see

Barbican Charm should allow for a renaming of those roles, in order to make them more distinguishable for Admins/Users.
For example, in our environment we would like those roles to be named: "barbican-creator" "barbican-observer" "barbican-audit".

Ryan Beisner (1chb1n) wrote :

Please indicate the scope of OpenStack versions which apply to your specific scenario (ex. Bionic + Stein).

Also, what is the back-end? Is this for use with the Vault charm?

Generally-speaking, more use case information and user story detail will make it easier to design and prioritize this feature request.

Thank you.

Changed in charm-barbican:
status: New → Incomplete
Ryan Beisner (1chb1n) wrote :

I think this may be addressed by the policy.d work that is currently underway across all of OpenStack Charms. However, it would be helpful to gather the use case details and log that here:

OpenStack Version
Ubuntu Version
Sanitized bundle attachment

Erlon R. Cruz (sombrafam) wrote :

Thanks Ryan, here is the information:

OpenStack Version: Queens
Ubuntu Version: Xenial

Ryan Beisner (1chb1n) on 2019-09-12
Changed in charm-barbican:
status: Incomplete → New
Ryan Beisner (1chb1n) on 2019-10-23
summary: - Not possible to customize barbican polices
+ Not possible to customize barbican policies
Erlon R. Cruz (sombrafam) wrote :

FWIW, this approved spec[1] will likely solve this problem when its implemented.


Changed in charm-barbican:
status: New → Triaged
importance: Undecided → Wishlist
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers