Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

approle: Include role_name in alias metadata #9529

Merged
merged 3 commits into from
Oct 16, 2020
Merged

approle: Include role_name in alias metadata #9529

merged 3 commits into from
Oct 16, 2020

Conversation

endocrimes
Copy link
Contributor

This change allows people who are using templated policies to use the role's name in their templates through {{ identity.entity.aliases.approle.metadata.role_name }}.

I'm not sure if there is a better place to implement this, but it seems like the most reliable bet to ensure that it gets populated on future logins?

Closes #8128.

@endocrimes
approle: Include role_name in alias metadata
1a3e976 
This change allows people who are using templated policies to use the
role_name in their templates through {{
identity.entity.aliases.approle.metadata.role_name }}.
@endocrimes
Copy link
Contributor Author

Test failure seems like a flake, but it looks like Circle doesn’t let external folks re-run tests :(

@endocrimes
Copy link
Contributor Author

@kalafut / @calvn any chance either of you could take a look? 😄

@kalafut
Copy link
Contributor

kalafut commented Aug 11, 2020

@calvn As this metadata is stable (i.e. not a volatile instance_id or the like) I think it would be OK to store by default. WDYT?

@endocrimes
Copy link
Contributor Author

@kalafut Yeah that's my understanding here too :) - and seems to hold up in my test environment with this patch deployed

@calvn calvn added this to the 1.6 milestone Oct 15, 2020
@calvn calvn self-requested a review October 15, 2020 19:11
@calvn
Copy link
Contributor

calvn commented Oct 16, 2020

Merging this one. The race failure does not seem to be related.

@calvn calvn merged commit eba1dd0 into hashicorp:master Oct 16, 2020
calvn added a commit that referenced this pull request Oct 16, 2020
@endocrimes @calvn
approle: Include role_name in alias metadata (#9529)
c02593f 
This change allows people who are using templated policies to use the
role_name in their templates through {{
identity.entity.aliases.approle.metadata.role_name }}.

Co-authored-by: Calvin Leung Huang <[email protected]>
calvn added a commit that referenced this pull request Oct 16, 2020
@calvn @endocrimes
approle: Include role_name in alias metadata (#9529) (#10166)
88b53ef 
This change allows people who are using templated policies to use the
role_name in their templates through {{
identity.entity.aliases.approle.metadata.role_name }}.

Co-authored-by: Calvin Leung Huang <[email protected]>

Co-authored-by: Danielle <[email protected]>
@endocrimes
Copy link
Contributor Author

@calvn thanks! 🎉 ✨

@endocrimes endocrimes deleted the dani/approle-name-meta branch October 17, 2020 10:44
@lcgkm lcgkm mentioned this pull request Nov 11, 2020
Closed
@stefan-zh stefan-zh mentioned this pull request Mar 2, 2021
Merged
@rgevaert
Copy link
Contributor

Just a small contribution for everyone who would have issues get their acls to work with the above feature. It is {{ identity.entity.aliases.approle_accessor_id.metadata.role_name }}, not "approle".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@calvn calvn Awaiting requested review from calvn

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.6
Development

Successfully merging this pull request may close these issues.

Add approle metadata to identity alias
4 participants
@endocrimes @kalafut @calvn @rgevaert