summaryrefslogtreecommitdiffstats
path: root/heat.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'heat.yaml')
-rw-r--r--heat.yaml40
1 files changed, 28 insertions, 12 deletions
diff --git a/heat.yaml b/heat.yaml
index 0312a147..4c64983d 100644
--- a/heat.yaml
+++ b/heat.yaml
@@ -34,16 +34,32 @@ Parameters:
Type: String
Default: https://raw.github.com/openstack-ops/templates/master/
Resources:
+ EngineAccessPolicy:
+ Type: OS::Heat::AccessPolicy
+ Properties:
+ AllowedResources: [ HeatEngine ]
EngineUser:
- Type: AWS::CloudFormation::Stack
- TemplateURL: {Fn::Join: [ {Ref: TemplateURL} , 'generic-user.yaml' ]}
- Parameters:
- AccessList: [ HeatEngine ]
+ Type: AWS::IAM::User
+ Properties:
+ Policies: [ { Ref: EngineAccessPolicy } ]
+ EngineKey:
+ Type: AWS::IAM::AccessKey
+ Properties:
+ UserName:
+ Ref: EngineUser
+ ApiAccessPolicy:
+ Type: OS::Heat::AccessPolicy
+ Properties:
+ AllowedResources: [ HeatAPI, HeatAPILaunch ]
ApiUser:
- Type: AWS::CloudFormation::Stack
- TemplateURL: {Fn::Join: [ {Ref: TemplateURL} , 'generic-user.yaml' ]}
- Parameters:
- AccessList: [ HeatAPI, HeatAPILaunch ]
+ Type: AWS::IAM::User
+ Properties:
+ Policies: [ { Ref: ApiAccessPolicy } ]
+ ApiKey:
+ Type: AWS::IAM::AccessKey
+ Properties:
+ UserName:
+ Ref: ApiUser
HeatAPILaunch:
Type: AWS::AutoScaling::LaunchConfiguration
Metadata:
@@ -54,9 +70,9 @@ Resources:
host: {Ref: RabbitMQHost}
password: {Ref: RabbitMQPassword}
access_key_id:
- Fn::GetAtt: [ ApiUser, AccessKeyId ]
+ Ref: ApiKey
secret_key:
- Fn::GetAtt: [ ApiUser, SecretAccessKey ]
+ Fn::GetAtt: [ ApiKey, SecretAccessKey ]
stack:
name: {Ref: 'AWS::StackName'}
region: {Ref: 'AWS::Region'}
@@ -86,9 +102,9 @@ Resources:
host: {Ref: RabbitMQHost}
password: {Ref: RabbitMQPassword}
access_key_id:
- Fn::GetAtt: [ EngineUser, AccessKeyId ]
+ Ref: EngineKey
secret_key:
- Fn::GetAtt: [ EngineUser, SecretAccessKey ]
+ Fn::GetAtt: [ EngineKey, SecretAccessKey ]
stack:
name: {Ref: 'AWS::StackName'}
region: {Ref: 'AWS::Region'}