AWS credentials delegation to S3/Swift3

Bug #1075051 reported by Attila Fazekas
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Won't Fix
Wishlist
Unassigned
ec2-api
Fix Released
Undecided
Unassigned

Bug Description

Now (openstack-nova-api-2012.2-1.fc18) , when the nova tries to connect to the S3 storage it tries to use the credentials "hard coded" to the config file.
It means every RegisterImage call will use the same tenant credentials instead of their own tenant credentials.

I think nova should delegate authentication to the swift backed, even by using other access method with the original requester permissions/roles.

Note1:
Probably this behaviour originated the days where the nova-objectstore used and it does not validated credentials.
Note2: Part of AWS credential is a signature of the request by the secret key, simple forwarding probably will not work.

Tags: ec2
description: updated
description: updated
description: updated
Changed in nova:
status: New → Confirmed
importance: Undecided → Wishlist
tags: added: ec2
Changed in ec2-api:
status: New → Fix Released
Changed in nova:
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers