On 11/8/2016 4:12 PM, Gage Hugo wrote:
This spec was discussed at the keystone meeting today and during the
conversation that continued afterwards, an idea of using the keystone
configuration to set a list of keys was mentioned.
The idea is that a cloud admin could define a list of keys that they
need for their setup within keystone's configuration file, then only
those keys will be valid for storing values in the project properties
table. Then each call would check against the list of valid keys and
deny any calls that are sent with an invalid key.
This idea seems to help with the issue to avoid allowing anyone to throw
any arbitrary values into these project properties vs just a set number
of values.
So...completely undiscoverable and cloud-specific? That doesn't sound
very interoperable.
--
Thanks,
Matt Riedemann
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
