Barbican

VM Integration

Registered by Kevin Fox on 2015-02-26

Currently it is very manual to get secrets to vm's. You have to create service accounts and without secret/container level permissions, whole tenants. You then need to get credentials to the vm somehow.

If its hard, users won't do it, and will end up doing bad things like simply putting keys in the nova metadata.

There needs to be a much more user friendly way of letting vm's get access to secrets stored in barbican.

The spec will specify exactly how this work.

Read the full specification

Blueprint information

Status:: Not started

Approver:: None

Priority:: Undefined

Drafter:: Kevin Fox

Direction:: Needs approval

Assignee:: None

Definition:: New

Series goal:: None

Implementation:: Unknown

Milestone target:: None

Related branches

Related bugs

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/vm-integration,n,z

Addressed by: https://review.openstack.org/159573
VM Integration

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

No subscribers.