git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[aodh][keystone] handling of webhook / alarm authentication


Hi Lingxian,

The information referenced comes from:
https://docs.openstack.org/aodh/latest/admin/telemetry-alarms.html

Here it would be an alarm that would use the webhooks action. The
endpoint in our use case would be Watcher for which we have just passed
a spec: https://review.opendev.org/#/c/695646/

With these alarms that report using a webhook I am wondering how these
received alarms can be authenticated and if the keystone token context
is available?

Hope this makes it clearer.

Kind regards,
Corne Lukken
Watcher core-reviewer

On 1/10/20 11:44 AM, Lingxian Kong wrote:
> Hi Corne,
> 
> I didn't fully understand your question, could you please provide the doc
> mentioned and if possible, an example of aodh alarm you want to create
> would be better.
> 
> -
> Best regards,
> Lingxian Kong
> Catalyst Cloud
> 
> 
> On Fri, Jan 10, 2020 at 10:30 PM info at dantalion.nl <info at dantalion.nl>
> wrote:
> 
>> Hello,
>>
>> I was wondering how a service receiving an aodh webhook could perform
>> authentication?
>>
>> The documentation describes the webhook as a simple post-request so I
>> was wondering if a keystone token context is available when these
>> requests are received?
>>
>> If not, I was wondering if anyone had any recommendation on how to
>> perform authentication upon received post-requests?
>>
>> So far I have come up with limiting the functionality of these webhooks
>> such as rate-limiting and administrators having to explicitly enable
>> these webhooks before they work.
>>
>> Hope anyone else could provide further valuable information.
>>
>> Kind regards,
>> Corne Lukken
>> Watcher core-reviewer
>>
>>
>