Wallaby Series Release Notes

18.6.0-4

New Features

  • The new keystone::notification_opt_out parameter has been added.

18.6.0

Security Issues

  • Content of fernet keys and credential keys are now hidden from output, when these files are updated.

18.5.0

New Features

  • Adding the following configurable items for OpenID:

    • keystone::federation::openidc::openidc_pass_userinfo_as to set OIDCPassUserInfoAs

    • keystone::federation::openidc::openidc_pass_claim_as to set OIDCPassClaimsAs

  • The keystone::federation::ipenidc class now supports the new openidc_response_mode parameter, to customize mod_auth_openidc response mode.

18.4.0

New Features

  • The following parameters of the keystone::ldap class have been deprecated and have no effect.

    • project_tree_dn

    • project_filter

    • project_objectclass

    • project_id_attribute

    • project_member_attribute

    • project_name_attribute

    • project_desc_attribute

    • project_enabled_attribute

    • project_domain_id_attribute

    • project_attribute_ignore

    • project_allow_create

    • project_allow_update

    • project_allow_delete

    • project_enabled_emulation

    • project_enabled_emulation_dn

    • project_additional_attribute_mapping

    • role_tree_dn

    • role_filter

    • role_objectclass

    • role_id_attribute

    • role_name_attribute

    • role_member_attribute

    • role_attribute_ignore

    • role_allow_create

    • role_allow_update

    • role_allow_delete

    • role_additional_attribute_map

  • The new keystone::policy::enforce_new_defaults parameter has been added.

Upgrade Notes

  • The following deprecated parameters have been completely removed from the keystone::ldap_backend resource type.

    • project_tree_dn

    • project_filter

    • project_objectclass

    • project_id_attribute

    • project_member_attribute

    • project_name_attribute

    • project_desc_attribute

    • project_enabled_attribute

    • project_domain_id_attribute

    • project_attribute_ignore

    • project_allow_create

    • project_allow_update

    • project_allow_delete

    • project_enabled_emulation

    • project_enabled_emulation_dn

    • project_additional_attribute_mapping

    • role_tree_dn

    • role_filter

    • role_objectclass

    • role_id_attribute

    • role_name_attribute

    • role_member_attribute

    • role_attribute_ignore

    • role_allow_create

    • role_allow_update

    • role_allow_delete

    • role_additional_attribute_map

    • credential_driver

    • assignment_driver