[Bug 1796851] Re: vault: add support for AppRole authentication

OpenStack Infra 1796851 at bugs.launchpad.net
Wed Jan 23 22:16:25 UTC 2019 

Reviewed:  https://review.openstack.org/609332
Committed: https://git.openstack.org/cgit/openstack/castellan/commit/?id=bc7f7a4c361791727e23dab82a8abe7351483ef8
Submitter: Zuul
Branch:    master

commit bc7f7a4c361791727e23dab82a8abe7351483ef8
Author: James Page <james.page at ubuntu.com>
Date:   Wed Oct 10 10:07:11 2018 +0100

    vault: add AppRole support
    
    Add support for use of AppRole's for authentication to Vault; this
    feature provides a more application centric approach to managing
    long term access to Vault.
    
    The functional tests exercise this integration with a restricted
    policy which only allows access to the default 'secret' backend.
    
    Change-Id: I59dfe31adb72712c53d49f66d9ac894e43e8bbad
    Closes-Bug: 1796851


** Changed in: castellan
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to barbican in Ubuntu.
https://bugs.launchpad.net/bugs/1796851

Title:
  vault: add support for AppRole authentication

Status in castellan:
  Fix Released
Status in barbican package in Ubuntu:
  Fix Released
Status in python-castellan package in Ubuntu:
  Fix Released

Bug description:
  Vault provides a nice way for applications to integrate with its API:

    https://www.vaultproject.io/docs/auth/approle.html

  
  As the authentication method has two components (role_id and secret_id) is easy to automate distribution of credentials by providing the role_id but response wrapping the secret_id with access via a one shot, IP address restricted token.

  It would be nice is castellan and barbican supported this approach.

To manage notifications about this bug go to:
https://bugs.launchpad.net/castellan/+bug/1796851/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list