Apologies, I wasn't aware that it was possible to update the ACLs for an existing secret through the Barbican API:
https://docs.openstack.org/barbican/latest/api/reference/acls.html#patch-v1-containers-uuid-acl
I've added an item to the PTG agenda to discuss using this to enable admin only move operations:
https://etherpad.opendev.org/p/nova-wallaby-ptg
Apologies, I wasn't aware that it was possible to update the ACLs for an existing secret through the Barbican API:
https:/ /docs.openstack .org/barbican/ latest/ api/reference/ acls.html# patch-v1- containers- uuid-acl
I've added an item to the PTG agenda to discuss using this to enable admin only move operations:
https:/ /etherpad. opendev. org/p/nova- wallaby- ptg