Use Keystone Trusts to avoid storing user credentials

Registered by Rohan on 2014-04-03

Use keystone trusts to talk to various services (Heat) from tuskar. Stop storing user credential in conf file. Create and use Keystone trusts and store these user credentials like trust_id, trustee_id, roles, trustor_id etc in DB.

- Need db model for user credentials
- Need migration for this db model.
- Need modified keystone client that will use these user credentials from db to create trust tokens whenever tuskar talks to Heat
- Need to create and delete trusts while Creating and deleting Overclouds in tuskar api.

Blueprint information

Status:
Not started
Approver:
Ladislav Smola
Priority:
High
Drafter:
Rohan
Direction:
Approved
Assignee:
Rohan
Definition:
Approved
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/tuskar-keystone-trusts,n,z

Addressed by: https://review.openstack.org/94937
    Adds user_creds table for storing keystone trusts

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.