From 17627658ac616fcbb7d76977b3efacb14884a784 Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff Date: Mon, 19 Jan 2015 22:26:04 +0200 Subject: New configuration statement authentication-provide * NEWS: Update. * src/config.c: New statement "authentication-provider" * src/eclat.c (authentication_provider): New variable. (main): Select credentials depending on the value of authentication_provider. * src/eclat.h (authentication_provider): New enum and extern. --- NEWS | 36 ++++++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) (limited to 'NEWS') diff --git a/NEWS b/NEWS index aebbc83..529df1e 100644 --- a/NEWS +++ b/NEWS @@ -21,12 +21,40 @@ following statement in the eclat configuration file: * If availability region is not supplied, it is read from the instance store. +* Authentication providers + +Support for different authentication providers is introduced. +Authentication provider is a service that supplies AWS access key ID and +secret key. It is configured by the "authentication-provider" +statement in the configuration file. The syntax is: + + authentication-provider TYPE ARG; + +TYPE cane be one of: + +- file +Credentials are obtained from a disk file named by the second +argument. The statement + + authentication-provider file NAME + +is equivalent to + + access-file NAME + +of eclat 1.0 and prior. The "access-file" statement is retained for +backward compatibility. + +- instance-store +Credentials are obtained from the instance store. Second argument +supplies the name of the IAM role to use. + * IAM support -If access key is not found in the access file, it is assumed to be a -IAM role name. The authentication credentials are then taken from the -instance store. - +If authentication provider is set to "instance-store", its argument +specifies IAM role name. The authentication credentials are then +taken from the instance store. + Version 1.0, 2013-12-20 -- cgit v1.2.1