Not possible to customize barbican policies

Bug #1843741 reported by Erlon R. Cruz
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Barbican Charm
Triaged
Wishlist
Unassigned

Bug Description

In current charmed Barbican requires roles to function properly.
Unfortunately those roles have generic names which do not reflect the service they belong to:
admin, creator, observer, audit (see https://docs.openstack.org/barbican/stein/admin/access_control.html)

Barbican Charm should allow for a renaming of those roles, in order to make them more distinguishable for Admins/Users.
For example, in our environment we would like those roles to be named: "barbican-creator" "barbican-observer" "barbican-audit".

Revision history for this message
Ryan Beisner (1chb1n) wrote :

Please indicate the scope of OpenStack versions which apply to your specific scenario (ex. Bionic + Stein).

Also, what is the back-end? Is this for use with the Vault charm?

Generally-speaking, more use case information and user story detail will make it easier to design and prioritize this feature request.

Thank you.

Changed in charm-barbican:
status: New → Incomplete
Revision history for this message
Ryan Beisner (1chb1n) wrote :

I think this may be addressed by the policy.d work that is currently underway across all of OpenStack Charms. However, it would be helpful to gather the use case details and log that here:

OpenStack Version
Ubuntu Version
Sanitized bundle attachment

Revision history for this message
Erlon R. Cruz (sombrafam) wrote :

Thanks Ryan, here is the information:

OpenStack Version: Queens
Ubuntu Version: Xenial
Bundle: https://gist.github.com/sombrafam/a9bf2bda707e5d8dc9db67f7cedfab30
Erlon

Ryan Beisner (1chb1n)
Changed in charm-barbican:
status: Incomplete → New
Ryan Beisner (1chb1n)
summary: - Not possible to customize barbican polices
+ Not possible to customize barbican policies
Revision history for this message
Erlon R. Cruz (sombrafam) wrote :

FWIW, this approved spec[1] will likely solve this problem when its implemented.

[1] https://review.opendev.org/#/c/679421/

Changed in charm-barbican:
status: New → Triaged
importance: Undecided → Wishlist
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.