Set https connection verify flag from config
It was not a good idea to set verify=False for all https connection. It's better to parse value from config and set verify flag with it. Change-Id: Ied057aba6dc23024561f349130ab862b1ddddd60
This commit is contained in:
parent
6a5c1cdfea
commit
ea4cab81f7
|
@ -14,6 +14,7 @@
|
|||
# under the License.
|
||||
|
||||
import botocore.session
|
||||
from oslo_config import types
|
||||
|
||||
|
||||
def _get_client(client_name, url, region, access, secret, ca_bundle):
|
||||
|
@ -29,9 +30,10 @@ def _get_client(client_name, url, region, access, secret, ca_bundle):
|
|||
'aws_secret_access_key': secret
|
||||
}
|
||||
if ca_bundle:
|
||||
try:
|
||||
kwargs['verify'] = types.Boolean()(ca_bundle)
|
||||
except Exception:
|
||||
kwargs['verify'] = ca_bundle
|
||||
else:
|
||||
kwargs['verify'] = False
|
||||
return session.create_client(client_name, **kwargs)
|
||||
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@ AWSGroup = [
|
|||
cfg.StrOpt('ca_bundle',
|
||||
default=None,
|
||||
help="The CA certificate bundle to use when verifying "
|
||||
"SSL certificates."),
|
||||
"SSL certificates. Or True/False to pass to botocore."),
|
||||
cfg.StrOpt('aws_secret',
|
||||
default=None,
|
||||
help="AWS Secret Key",
|
||||
|
|
Loading…
Reference in New Issue