aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-06-16 16:34:53 +0000
committerGerrit Code Review <review@openstack.org>2017-06-16 16:34:53 +0000
commitd10741e526f7868a2330014f35678d327b4984a2 (patch)
treebdd681855154dffb5e8269df7f80776381c0406a /puppet/services
parent6faea7a26b75b8e4db348be737c2bdaa3ec6b125 (diff)
parent4ec13cc91bd9003b3baf7af140c80d517c88f868 (diff)
Merge "Make fernet max active keys configurable"
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/keystone.yaml5
1 files changed, 5 insertions, 0 deletions
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index af494016..60d194bc 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -122,6 +122,10 @@ parameters:
KeystoneFernetKeys:
type: json
description: Mapping containing keystone's fernet keys and their paths.
+ KeystoneFernetMaxActiveKeys:
+ type: number
+ description: The maximum active keys in the keystone fernet key repository.
+ default: 5
ManageKeystoneFernetKeys:
type: boolean
default: true
@@ -258,6 +262,7 @@ outputs:
keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
keystone::token_provider: {get_param: KeystoneTokenProvider}
keystone::enable_fernet_setup: {if: [keystone_fernet_tokens, true, false]}
+ keystone::fernet_max_active_keys: {get_param: KeystoneFernetMaxActiveKeys}
keystone::enable_proxy_headers_parsing: true
keystone::enable_credential_setup: true
keystone::credential_keys: