filter endpoints based on scope

Registered by Guang Yee on 2013-03-06

Currently Keystone returns all endpoints in the service catalog, regardless whether users have access to them or not. This is neither necessary nor efficient.
We need to establish project-endpoints relationship so we can effectively assign endpoints to a given project, and be able to filter endpoints returned in the service catalog based on the token scope.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Low
Drafter:
Guang Yee
Direction:
Needs approval
Assignee:
Fabio Giannetti
Definition:
Drafting
Series goal:
Accepted for havana
Implementation:
Implemented
Milestone target:
milestone icon 2013.2
Started by
Dolph Mathews on 2013-08-06
Completed by
Dolph Mathews on 2013-08-28

Related branches

Sprints

Whiteboard

https://etherpad.openstack.org/havana-endpoint-filtering

I separated the "optional catalog" portion of this blueprint into a new one, please reduce the scope of this blueprint accordingly (see https://blueprints.launchpad.net/keystone/+spec/catalog-optional )

if I understood correctly, the ultimate goal here was to encrypt a token for exclusive consumption by a specific service? so why fuss with superficial changes on the catalog at all?

<gyee> this one is unrelated to the encrypt-token-for-endpoint goal. This BP is aim to reduce the size of the catalog. There's no point of return all endpoints if user have to access to them. One "good" side-effect of this may also solved the PKI token size limit problem as well.

Gerrit topic: https://review.openstack.org/#q,topic:bp/endpoint-filtering,n,z

Addressed by: https://review.openstack.org/33118 (merged)
    Project to Endpoint association for catalog filtering

revised as 'slow progress' due to the implementation consistently failing jenkins

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.