Improve keystone.conf [trust] documentation

Change-Id: I8df36ec2efb4e7cf65ad71d5c2f417f8d0b3a250
This commit is contained in:
Dolph Mathews 2016-07-11 17:38:03 -04:00
parent ab98f85a20
commit acf907b45d
1 changed files with 10 additions and 4 deletions

View File

@ -19,28 +19,34 @@ enabled = cfg.BoolOpt(
'enabled',
default=True,
help=utils.fmt("""
Delegation and impersonation features can be optionally disabled.
Delegation and impersonation features using trusts can be optionally disabled.
"""))
allow_redelegation = cfg.BoolOpt(
'allow_redelegation',
default=False,
help=utils.fmt("""
Enable redelegation feature.
Allows authorization to be redelegated from one user to another, effectively
chaining trusts together. When disabled, the `remaining_uses` attribute of a
trust is constrained to be zero.
"""))
max_redelegation_count = cfg.IntOpt(
'max_redelegation_count',
default=3,
help=utils.fmt("""
Maximum depth of trust redelegation.
Maximum number of times that authorization can be redelegated from one user to
another in a chain of trusts. This number may be reduced further for a specific
trust.
"""))
driver = cfg.StrOpt(
'driver',
default='sql',
help=utils.fmt("""
Entrypoint for the trust backend driver in the keystone.trust namespace.
Entry point for the trust backend driver in the `keystone.trust` namespace.
Keystone only provides a `sql` driver, so there is no reason to change this
unless you are providing a custom entry point.
"""))