murano/releasenotes/notes/decrypt-yaql-function-6651d0f5d73bd58d.yaml
Paul Bourke 9248605e67 Add decryptData yaql function to murano engine
Adds a new yaql function 'decryptData' which pairs with 'encryptData' on
the dashboard side.

Requires a valid secret storage backend (e.g. Barbican) to be configured
via Castellan in murano.conf, e.g.

    [key_manager]
    auth_type = keystone_password
    auth_url = <auth_url>
    username = <username>
    password = <password>
    project_id = <project_id>
    user_domain_name = <user_domain_name>

Murano will still work fine without this config but the encrypt/decrypt
functions will be unavailable.

Partially-Implements blueprint: allow-encrypting-of-muranopl-properties
Depends-On: I1be3a1e11e3f4c2170062927ad359bf679eb25d9
Change-Id: I09416b6d35ed2dafa823eca98262a4e23081e6eb
2017-07-21 13:32:13 +01:00

10 lines
341 B
YAML

---
features:
- |
Added a new yaql function 'decryptData' which pairs with 'encryptData' on
the dashboard side. Application authors can use these functions to secure
sensitive input to their Murano applications such as passwords.
Requires a valid secret storage backend (e.g. Barbican) to be configured
via Castellan.