[aodh][keystone] handling of webhook / alarm authentication
info at dantalion.nl
info at dantalion.nl
Fri Jan 10 12:50:10 UTC 2020
Hi Lingxian,
The information referenced comes from:
https://docs.openstack.org/aodh/latest/admin/telemetry-alarms.html
Here it would be an alarm that would use the webhooks action. The
endpoint in our use case would be Watcher for which we have just passed
a spec: https://review.opendev.org/#/c/695646/
With these alarms that report using a webhook I am wondering how these
received alarms can be authenticated and if the keystone token context
is available?
Hope this makes it clearer.
Kind regards,
Corne Lukken
Watcher core-reviewer
On 1/10/20 11:44 AM, Lingxian Kong wrote:
> Hi Corne,
>
> I didn't fully understand your question, could you please provide the doc
> mentioned and if possible, an example of aodh alarm you want to create
> would be better.
>
> -
> Best regards,
> Lingxian Kong
> Catalyst Cloud
>
>
> On Fri, Jan 10, 2020 at 10:30 PM info at dantalion.nl <info at dantalion.nl>
> wrote:
>
>> Hello,
>>
>> I was wondering how a service receiving an aodh webhook could perform
>> authentication?
>>
>> The documentation describes the webhook as a simple post-request so I
>> was wondering if a keystone token context is available when these
>> requests are received?
>>
>> If not, I was wondering if anyone had any recommendation on how to
>> perform authentication upon received post-requests?
>>
>> So far I have come up with limiting the functionality of these webhooks
>> such as rate-limiting and administrators having to explicitly enable
>> these webhooks before they work.
>>
>> Hope anyone else could provide further valuable information.
>>
>> Kind regards,
>> Corne Lukken
>> Watcher core-reviewer
>>
>>
>
More information about the openstack-discuss
mailing list