Puppet Class: keystone::federation

Defined in:
manifests/federation.pp

Overview

Class: keystone::federation

Parameters

trusted_dashboards

(Optional) URL list of trusted horizon servers. This setting ensures that keystone only sends token data back to trusted servers. This is performed as a precaution, specifically to prevent man-in- the-middle (MITM) attacks. Defaults to $facts

remote_id_attribute

(Optional) Value to be used to obtain the entity ID of the Identity Provider from the environment. Defaults to $facts

Parameters:

  • trusted_dashboards (Any) (defaults to: $facts['os_service_default'])
  • remote_id_attribute (Any) (defaults to: $facts['os_service_default']) 


17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'manifests/federation.pp', line 17

class keystone::federation (
  $trusted_dashboards  = $facts['os_service_default'],
  $remote_id_attribute = $facts['os_service_default'],
) {

  include keystone::deps

  keystone_config {
    'federation/trusted_dashboard':   value => $trusted_dashboards;
    'federation/remote_id_attribute': value => $remote_id_attribute;
  }
}