Zed Series Release Notes


New Features

  • The keystone::wsgi::apache class now supports customizing request headers added by apache.

  • Added description parameter to keystone_user resource.

  • The new keystone::notification_opt_out parameter has been added.

  • The new keystone::cron::token_flush::age parameter has been added.

  • The new keystone::wsgi::apache::wsgi_process_display_name parameter has been added.

Upgrade Notes

  • Default value of the keystone::wsgi::apache::ssl parameter has been changed from true to false and now ssl is disabled by default.

  • The keystone::admin_endpoint parameter has been removed.

  • CentOS 8 Stream is no longer supported by this module.

  • The keystone::federation::openidc_httpd_configuration class has been removed.

  • The member_role_id parameter and the member_role_name parameter of the keystone class have been removed.

Deprecation Notes

  • The following parameters of the keystone class have been deprecated and have no effect now.

    • enable_ssl

    • ssl_certfile

    • ssl_keyfile

    • ssl_ca_certs

    • ssl_ca_key

    • ssl_cert_subject

  • The keystone::log_dir parameter and the keystone::log_file parameter have been deprecated and have no effect now.

  • The keystone::service class has been deprecated and will be removed in a future release.

  • The keystone::wsgi::apache::api_port parameter has been deprecated. Use the port parameter instead.

Security Issues

  • Content of fernet keys and credential keys are now hidden from output, when these files are updated.