aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml')
-rw-r--r--keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml17
1 files changed, 0 insertions, 17 deletions
diff --git a/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml b/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml
deleted file mode 100644
index 997ee64a..00000000
--- a/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-features:
- - >
- [`blueprint bootstrap <https://blueprints.launchpad.net/keystone/+spec/bootstrap>`_]
- keystone-manage now supports the bootstrap command
- on the CLI so that a keystone install can be
- initialized without the need of the admin_token
- filter in the paste-ini.
-security:
- - The use of admin_token filter is insecure compared
- to the use of a proper username/password. Historically
- the admin_token filter has been left enabled in
- Keystone after initialization due to the way CMS
- systems work. Moving to an out-of-band initialization using
- ``keystone-manage bootstrap`` will eliminate the security concerns around
- a static shared string that conveys admin access to keystone
- and therefore to the entire installation.