Storing authentication secrets in access mappings

Registered by John Spray

Where access control is built into a storage system (such as Ceph), granting access to a share may implicitly create a shared secret for accessing the share. It is proposed to enable drivers to return such a secret from update_access(), store it in a new attribute of ShareAccessMapping, and expose that attribute in the API.

Previous discussion:
 * openstack-dev thread: http://osdir.com/ml/openstack-dev/2015-10/msg01946.html

Blueprint information

Status:
Complete
Approver:
None
Priority:
Undefined
Drafter:
Ramana Raja
Direction:
Needs approval
Assignee:
Ramana Raja
Definition:
Approved
Series goal:
Proposed for newton
Implementation:
Implemented
Milestone target:
milestone icon newton-3
Started by
Ramana Raja
Completed by
Ramana Raja

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/auth-access-keys,n,z

Addressed by: https://review.openstack.org/322971
    Add spec for storing auth secrets in access map

Addressed by: https://review.openstack.org/343306
    add access_key to share_access_map

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.