tacker

Add a common account to obtain all barbican's secret.

Registered by Yan Xing'an

In current implementation [1], a registered vim's password is encoded by fernet, and the fernet key is saved in barbican as a secret. With barbican's default policy, only who created the secret can obtain the secret, which lead to a problem: registered vim can not be shared by other tenant.
But now we want to split the policy execution into mistral workflow, in this case, we want to obtain all vim's password to do some VNF LCM operation.
This BP's goal is to support a shared account to obtain barbican's secrets.

1. https://blueprints.launchpad.net/tacker/+spec/encryption-with-barbican

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Yan Xing'an
Direction:
Needs approval
Assignee:
Yan Xing'an
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/shared-barbican-secret,n,z

Addressed by: https://review.openstack.org/579620
    Support shared vim for policy action execution

Addressed by: https://review.openstack.org/579724
    [WIP]Support shared vim for policy action execution

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.