You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@openwhisk.apache.org by Rodric Rabbah <ro...@gmail.com> on 2019/03/06 17:17:17 UTC

Re: change the default action context to omit api key

There is a new comment on the issue related to this patch [1] which
suggests a deployment time parameter for enabling the feature that
restricts whisk API keys being available to all actions. I looked at the PR
and think it can be done with some changes in the controller and the tests.
We already have many deployment parameters and a pattern to replicate.

It is worth adding this configuration parameter? I'd expect we'd remove it
at some point since the more-secure-by-default makes more sense longer term.

-r

[1]
https://github.com/apache/incubator-openwhisk/issues/4226#issuecomment-470112596

Re: change the default action context to omit api key

Posted by Chetan Mehrotra <ch...@gmail.com>.

We may need such a feature flag so created a PR 4334 for it.

Chetan Mehrotra


On Wed, Mar 6, 2019 at 10:47 PM Rodric Rabbah <ro...@gmail.com> wrote:

> There is a new comment on the issue related to this patch [1] which
> suggests a deployment time parameter for enabling the feature that
> restricts whisk API keys being available to all actions. I looked at the PR
> and think it can be done with some changes in the controller and the tests.
> We already have many deployment parameters and a pattern to replicate.
>
> It is worth adding this configuration parameter? I'd expect we'd remove it
> at some point since the more-secure-by-default makes more sense longer
> term.
>
> -r
>
> [1]
>
> https://github.com/apache/incubator-openwhisk/issues/4226#issuecomment-470112596
>