14a2bd8c4f
Defining operator_roles in swift-proxy.conf requires that these roles exist in keystone. Because Keystone API access is not available on Swift proxy hosts in most cases, operator_roles keystone roles have been added to swift::keystone::auth class. Added basic docs for swift::keystone::auth Change-Id: Ib8454f8ae1316d2589ff228ec1424c6cff69c6b5 Closes-Bug: #1261662
32 lines
902 B
Puppet
32 lines
902 B
Puppet
#
|
|
# This class can be sed to manage keystone middleware for swift proxy
|
|
#
|
|
# == Parameters
|
|
# [operator_roles] a list of keystone roles a user must have to gain
|
|
# access to Swift.
|
|
# Optional. Defaults to ['admin', 'SwiftOperator']
|
|
# Must be an array of strings
|
|
# Swift operator roles must be defined in swift::keystone::auth because
|
|
# keystone API access is usually not available on Swift proxy nodes.
|
|
# [is_admin] Set to true to allow users to set ACLs on their account.
|
|
# Optional. Defaults to true.
|
|
#
|
|
# == Authors
|
|
#
|
|
# Dan Bode dan@puppetlabs.com
|
|
# Francois Charlier fcharlier@ploup.net
|
|
#
|
|
|
|
class swift::proxy::keystone(
|
|
$operator_roles = ['admin', 'SwiftOperator'],
|
|
$is_admin = true
|
|
) {
|
|
|
|
concat::fragment { 'swift_keystone':
|
|
target => '/etc/swift/proxy-server.conf',
|
|
content => template('swift/proxy/keystone.conf.erb'),
|
|
order => '79',
|
|
}
|
|
|
|
}
|