I tend to agree with you Keith, securing Heat is Heat's problem.
Securing Nova is nova's problem. And I too would expect that those with
admin access to Heat, would not have admin access to Nova. That is why
we split these things up with API's.
I still prefer that users encrypt secrets on the clie
On 6/11/14 2:43 AM, "Steven Hardy" wrote:
>>IMO, when a template author marks a parameter as hidden/secret, it seems
>>incorrect to store that information in plain text.
>
>Well I'd still question why we're doing this, as my previous questions
>have
>not been answered:
>- AFAIK nova user-data i
On Tue, Jun 10, 2014 at 05:24:36PM +, Vijendar Komalla wrote:
> Hi Devs/All,
> Does any one have comments/objections for following interim solution?
> 1. Add a config option to enable/disable parameter encryption and set
> default value to disable
> 2. Encrypt parameters that were marked as hid
Hi Devs/All,
Does any one have comments/objections for following interim solution?
1. Add a config option to enable/disable parameter encryption and set
default value to disable
2. Encrypt parameters that were marked as hidden or encrypt all parameters
IMO, when a template author marks a parameter
I am not sure when Barbican would be stable/ready. As an interim solution,
what do you guys think about having a config option to enable/disable
parameter encryption (along with my current implementation)?
On 6/5/14 4:23 AM, "Steven Hardy" wrote:
>On Thu, Jun 05, 2014 at 12:17:07AM +, Rand
Excerpts from Steven Hardy's message of 2014-06-05 02:23:40 -0700:
> On Thu, Jun 05, 2014 at 12:17:07AM +, Randall Burt wrote:
> > On Jun 4, 2014, at 7:05 PM, Clint Byrum
> > wrote:
> >
> > > Excerpts from Zane Bitter's message of 2014-06-04 16:19:05 -0700:
> > >> On 04/06/14 15:58, Vijendar
On Thu, Jun 05, 2014 at 12:17:07AM +, Randall Burt wrote:
> On Jun 4, 2014, at 7:05 PM, Clint Byrum
> wrote:
>
> > Excerpts from Zane Bitter's message of 2014-06-04 16:19:05 -0700:
> >> On 04/06/14 15:58, Vijendar Komalla wrote:
> >>> Hi Devs,
> >>> I have submitted an WIP review (https://re
On Jun 4, 2014, at 7:30 PM, Clint Byrum
wrote:
> Excerpts from Randall Burt's message of 2014-06-04 17:17:07 -0700:
>> On Jun 4, 2014, at 7:05 PM, Clint Byrum
>> wrote:
>>
>>> Excerpts from Zane Bitter's message of 2014-06-04 16:19:05 -0700:
On 04/06/14 15:58, Vijendar Komalla wrote:
Excerpts from Randall Burt's message of 2014-06-04 17:17:07 -0700:
> On Jun 4, 2014, at 7:05 PM, Clint Byrum
> wrote:
>
> > Excerpts from Zane Bitter's message of 2014-06-04 16:19:05 -0700:
> >> On 04/06/14 15:58, Vijendar Komalla wrote:
> >>> Hi Devs,
> >>> I have submitted an WIP review (https
On Jun 4, 2014, at 7:05 PM, Clint Byrum
wrote:
> Excerpts from Zane Bitter's message of 2014-06-04 16:19:05 -0700:
>> On 04/06/14 15:58, Vijendar Komalla wrote:
>>> Hi Devs,
>>> I have submitted an WIP review (https://review.openstack.org/#/c/97900/)
>>> for Heat parameters encryption blueprint
Excerpts from Zane Bitter's message of 2014-06-04 16:19:05 -0700:
> On 04/06/14 15:58, Vijendar Komalla wrote:
> > Hi Devs,
> > I have submitted an WIP review (https://review.openstack.org/#/c/97900/)
> > for Heat parameters encryption blueprint
> > https://blueprints.launchpad.net/heat/+spec/encry
On 04/06/14 15:58, Vijendar Komalla wrote:
Hi Devs,
I have submitted an WIP review (https://review.openstack.org/#/c/97900/)
for Heat parameters encryption blueprint
https://blueprints.launchpad.net/heat/+spec/encrypt-hidden-parameters
This quick and dirty implementation encrypts all the paramete
Hi Devs,
I have submitted an WIP review (https://review.openstack.org/#/c/97900/)
for Heat parameters encryption blueprint
https://blueprints.launchpad.net/heat/+spec/encrypt-hidden-parameters
This quick and dirty implementation encrypts all the parameters on on
Stack 'store' and decrypts on on Sta
13 matches
Mail list logo
