c85beff334
Adding barbican configuration to Swift will allow enabling data-at-rest encryption in Swift. Change-Id: I78c6003f5f599a422193dc47422ee607ce05c715 Signed-off-by: Thiago da Silva <thiago@redhat.com>
28 lines
702 B
Puppet
28 lines
702 B
Puppet
#
|
|
# Configure Swift encryption.
|
|
#
|
|
# == Examples
|
|
#
|
|
# include ::swift::proxy::encryption
|
|
#
|
|
# == Parameters
|
|
#
|
|
# [*disable_encryption*]
|
|
# By default all PUT or POST'ed object data and/or metadata will be encrypted.
|
|
# Encryption of new data and/or metadata may be disabled by setting
|
|
# disable_encryption to True. However, all encryption middleware should remain
|
|
# in the pipeline in order for existing encrypted data to be read.
|
|
#
|
|
class swift::proxy::encryption (
|
|
$disable_encryption = false
|
|
) {
|
|
|
|
include ::swift::deps
|
|
|
|
swift_proxy_config {
|
|
'filter:encryption/use': value => 'egg:swift#encryption';
|
|
'filter:encryption/disable_encryption': value => $disable_encryption;
|
|
}
|
|
}
|
|
|