barbican/notes at 90437d9a6c3bd91c9c17493739890cb834326a05 - barbican - OpenDev: Free Software Needs Free Tools

openstack/barbican

History

Douglas Mendizábal 116a9045eb Remove System scope from policy

As specified in Phase 1 of the Consistent and Secure Default RBAC
goal [1] policies have been updated to remove "system" scope and
only use "project" scope in all policies.

APIs with policies that previously required "system" scope have been
updated to accept "project" scoped tokens with the "admin" role instead.

[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-1

Change-Id: I3b781112fc6ced7b73196f973cefd6a30ef99dd3

2023-06-05 15:03:06 -04:00

..

.placeholder

Add reno for release notes management

2015-12-01 10:33:18 -05:00

add-barbican-manage-check-subcommands-38835078f5cc0ce2.yaml

Add 'barbican-manage hsm check_[mkek|hmac].

2018-11-09 13:48:00 +00:00

add-configurable-mechanism-options-2e5c57099b4c91b1.yaml

Refactor PKCS#11 to allow configurable mechanisms

2018-08-10 22:24:34 -05:00

add-new-pkcs11-options-fc7bb625998e91fc.yaml

Use serial number or label for PKCS#11 tokens

2020-10-19 16:21:15 -05:00

add-os-locking-ok-option-d0cfc5883355632a.yaml

Use system locks in pkcs11 library

2021-02-22 14:17:26 -06:00

allow-aes-xts-512-bitlength-in-simple-crypto-95936a2d830035cc.yaml

Adding support for 512-Bit-Secret-Creation when using xts-mode

2018-08-01 08:00:55 +02:00

allow-multiple-pkcs11-token-labels-61b63e34b7c8cc1a.yaml

Allow multiple token labels for PKCS#11 driver

2021-03-04 11:49:11 -06:00

barbican-manage-d469b4d15454f981.yaml

Add barbican-manage release notes

2016-03-18 12:51:48 -05:00

barbican-status-upgrade-check-framework-9df56289b1d91ba4.yaml

Add barbican-status upgrade check command framework

2019-01-15 06:16:53 +00:00

change_default_control_exchange-c47abc3e3f08aa31.yaml

Configure control_exchange to match keystone

2018-04-13 15:53:28 +08:00

deprecate-json-formatted-policy-file-b135aa7551e81066.yaml

[goal] Deprecate the JSON formatted policy file

2021-02-02 08:36:59 -06:00

drop-py-2-7-f745ea90b33c7910.yaml

[ussuri][goal] Drop python 2.7 support and testing

2020-01-10 17:22:04 +00:00

fix-story-2004734-977dbeda6b547f85.yaml

Fix Safenet HSM regression in PKCS#11

2019-01-15 06:16:15 +00:00

fix-story-2004833-2b420688a82c3328.yaml

Made HMAC Key Wrap mechanism configurable

2019-03-07 14:24:33 -05:00

fix-story-2006978-aa5f2r9cqpfa0tm8.yaml

Fix admin can not delete other user's secrets

2020-10-05 15:49:02 +08:00

fix-story-2008335-a253190d0fa799a0.yaml

Fix Castellan Secret Store inconsistent encoding

2021-09-15 08:42:25 -05:00

fix-story-2008649-reinitialize-pkcs11-object-4c0dc51c83288c21.yaml

Fix PKCS#11 reinitialization after failure

2021-02-23 08:08:11 -06:00

fix-story-2009247-18faf4f2b570dfc0.yaml

Fix POST /v1/secret/{secret-id}/metadata response

2021-09-23 21:16:41 +00:00

fix-story-2009664-042ef282c0dd6b6a.yaml

Fix container consumers rbac policy

2022-02-07 16:21:38 -06:00

fix-story-2009672-d64ef6c10444f517.yaml

Fix consumer name length validator

2021-11-10 15:24:16 -06:00

fix-story-2009791-allow-creator-delete-06dd3eb670d0e624.yaml

Allow secret delete by users with "creator" role

2022-01-31 14:21:58 -06:00

fix-story-2010258-053ee02fe46b9984.yaml

Release notes for secret consumers, microversions and CVE fix

2023-03-03 14:52:08 +01:00

fixed-invalid-route-response-code-15a681d07222a4f7.yaml

Fixed incorrect release note

2018-09-10 12:48:35 -05:00

fixed-mysql-migrations-23221671ba17ea5e.yaml

Rebase alembic migrations

2020-09-23 14:00:58 -05:00

http_proxy_to_wsgi-middleware-98dc4fe03eb362d3.yaml

Use http_proxy_to_wsgi middleware

2016-10-19 14:09:24 +08:00

increase-max-secret-size-da90164d8b328727.yaml

Raise maximum allowed secret size

2021-04-27 15:49:39 -05:00

keystone-listener-pooling-a4fb0dde9e25a21f.yaml

Support listener pooling in keystone listener

2019-10-03 14:47:00 +00:00

metadata-api-e95d4559e7bf9ca9.yaml

Add release notes for metadata api

2016-03-21 17:02:01 -05:00

multiple-backends-75f5b85c63b930b7.yaml

[Trivialfix]Fix typos

2017-08-27 19:58:51 -07:00

oslopolicy-genscripts-1a7b364b8ffd7c3f.yaml

Maintain policy in code

2017-05-17 10:02:03 +00:00

pkcs11-backend-performance-f3caacbe9e1ab535.yaml

Add PKCS#11 upgrade release note

2016-03-21 10:53:25 -05:00

port-ruledefaults-to-documentedruledefaults-954fe88af9fe72ed.yaml

Port RuleDefaults to DocumentedRuleDefaults

2018-10-29 12:57:49 +00:00

remap-policy-to-match-controller-1673ec7c88235227.yaml

Ensure orders policy-in-code matches controller

2018-07-12 13:36:04 -04:00

remove_pkix-b045e7dde7e47356.yaml

Removed application/pkix media type

2017-03-01 10:18:12 +00:00

remove-system-scope-from-policy-f2f68c42c0742812.yaml

Remove System scope from policy

2023-06-05 15:03:06 -04:00

removing-cas-certificate-orders-96fc47a7acaea273.yaml

Authorites spelling error

2018-01-23 18:40:34 +08:00

renamed-generate-iv-option-29770cfcff8e3b83.yaml

Fix CKM_AES_GCM encryption

2018-08-28 12:28:55 -05:00

secret-consumers-microversions-changes-5aacdad5b7c776a3.yaml

Release notes for secret consumers, microversions and CVE fix

2023-03-03 14:52:08 +01:00

secure-rbac-acl-policy-b534614ee7190108.yaml

Implement secure RBAC for ACLs API

2021-03-10 15:19:17 -06:00

secure-rbac-consumer-policy-5ff67280dc2a2c09.yaml

Implement secure RBAC for consumers API

2021-03-09 14:16:11 -05:00

secure-rbac-container-policy-f7814e65dc2ab130.yaml

Implement secure RBAC for containers API

2021-03-09 14:16:11 -05:00

secure-rbac-order-policy-2068c64cb6830c6c.yaml

Implement secure RBAC for orders API

2021-03-09 14:16:11 -05:00

secure-rbac-quotas-policy-f725a2752d1ba3f4.yaml

Implement secure RBAC for quota API

2021-03-11 11:38:40 -05:00

secure-rbac-secretmeta-policy-587cdad4e2ecee3a.yaml

Implement secure RBAC for secretmeta API

2021-03-09 14:16:11 -05:00

secure-rbac-secrets-policy-61d49439a043f865.yaml

Implement secure RBAC for secrets API

2021-03-09 14:16:00 -05:00

secure-rbac-secretstore-policy-ffa782850082add8.yaml

Implement secure RBAC for secretstore API

2021-03-11 11:30:28 -05:00

secure-rbac-transportkey-policy-3e904787694f8471.yaml

Implement secure RBAC for transport key API

2021-03-09 14:16:11 -05:00

update-autodbcreate-default-31b5a86063b91444.yaml

Set db_auto_create default to False

2020-09-25 14:34:07 +00:00

use_oslo_config_generator-f2a9be9e71d90b1f.yaml

Use oslo-config-generator to generate barbican.conf.sample

2017-04-05 08:02:35 +02:00

use-barbican-conf-in-barbican-manage-52035c1cdbfc5a26.yaml

Use barbican.conf in barbican-manage

2020-10-29 17:12:31 +00:00