Puppet Class: keystone::federation

Defined in:
manifests/federation.pp

Overview

Class: keystone::federation

Parameters

trusted_dashboards

(Optional) URL list of trusted horizon servers. This setting ensures that keystone only sends token data back to trusted servers. This is performed as a precaution, specifically to prevent man-in- the-middle (MITM) attacks. Defaults to undef

remote_id_attribute

(Optional) Value to be used to obtain the entity ID of the Identity Provider from the environment. Defaults to undef

Parameters:

  • trusted_dashboards (Any) (defaults to: undef)
  • remote_id_attribute (Any) (defaults to: undef) 


17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'manifests/federation.pp', line 17

class keystone::federation (
  $trusted_dashboards  = undef,
  $remote_id_attribute = undef,
) {

  include keystone::deps

  keystone_config {
    'federation/trusted_dashboard': value  => any2array($trusted_dashboards);
  }

  if $remote_id_attribute {
    keystone_config {
      'federation/remote_id_attribute': value => $remote_id_attribute;
    }
  }
}