Credential encryption

Registered by Dolph Mathews on 2016-06-02

Blueprint information

Status:
Complete
Approver:
Steve Martinelli
Priority:
Medium
Drafter:
Dolph Mathews
Direction:
Approved
Assignee:
werner mendizabal
Definition:
Approved
Series goal:
Accepted for newton
Implementation:
Implemented
Milestone target:
milestone icon newton-rc1
Started by
Dolph Mathews on 2016-06-02
Completed by
Steve Martinelli on 2016-09-03

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/credential-encryption,n,z

Addressed by: https://review.openstack.org/317169
    Support encryption of credentials in Keystone

Addressed by: https://review.openstack.org/353762
    Pass key_repository and max_active_keys to FernetUtils

Addressed by: https://review.openstack.org/353761
    Make a FernetUtils class

Addressed by: https://review.openstack.org/353707
    Move fernet utils into keystone/common/

Addressed by: https://review.openstack.org/354494
    Add credential encryption exception

Addressed by: https://review.openstack.org/354495
    Add conf to support credential encryption

Addressed by: https://review.openstack.org/354496
    Create a fernet credential provider

Addressed by: https://review.openstack.org/354497
    Document the fernet credential provider

Addressed by: https://review.openstack.org/355056
    Add create and update methods to credential Manager

Addressed by: https://review.openstack.org/355057
    Implement encryptin of credentials at rest

Addressed by: https://review.openstack.org/355618
    Add key_hash column to credential table

Addressed by: https://review.openstack.org/356053
    Make KeyRepository shareable

Gerrit topic: https://review.openstack.org/#q,topic:bp/manage-migration,n,z

Gerrit topic: https://review.openstack.org/#q,topic:bug/1615024,n,z

Gerrit topic: https://review.openstack.org/#q,topic:bug/credential-encryption,n,z

Addressed by: https://review.openstack.org/360667
    Let upgrade tests control all 4 repositories at once

Addressed by: https://review.openstack.org/362122
    Add credential setup command

Addressed by: https://review.openstack.org/362348
    Fixes small grammar mistake in docstring

Addressed by: https://review.openstack.org/362453
    Add man page info for credential setup command

Addressed by: https://review.openstack.org/360723
    Only create triggers during a rolling upgrade

Gerrit topic: https://review.openstack.org/#q,topic:bug/1596500,n,z

Addressed by: https://review.openstack.org/366832
    Log warning if null key is used for encryption

Addressed by: https://review.openstack.org/366854
    Add docs for the null key

Addressed by: https://review.openstack.org/366831
    Introduce null key for credential encryption

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.