Re: CF CLI v6.35.0 Release Today - service instance sharing; client credentials

Home Messages Hashtags Subgroups

#7870

Re: CF CLI v6.35.0 Release Today - service instance sharing; client credentials

Gowrisankar M #7870 Hello All, CF services sharing when it will be available for user-provided services? BRs,Gowrisankar toggle quoted message Show quoted text On Thu, Mar 15, 2018 at 12:53 AM, Matthias Winzeler <matthias.winzeler@...> wrote: Hi Tian Thanks for the information - this sounds good. We're looking forward for clients with user permission since this will solve the issue with SAML federated users who want to interact with the API interactively (currently not possible, so we create local users for them). -Matthias 2018-03-14 20:02 GMT+01:00 Tian Wang <tiwang@...>: Hi Matthias, The service accounts feature today works for global scopes on clients created in UAA such as `cloud_controller.admin` and `cloud_controller.admin_read_only`. The current plan is to integrate down the line with the Perm project which will provide the ability to assign clients with space and org fine-grained authorizations, so that they can act essentially the same as a user. Regards, Tian On Sat, Mar 10, 2018 at 12:52 AM, Matthias Winzeler <matthias.winzeler@...> wrote: Hi Jay The service accounts feature sounds very exciting. How does it work exactly? I guess I have to create a user on UAA with client credentials grant type (i.e. with uaac) first. How can I then permit this client to orgs and spaces so that he can interact with CF like a user? -Matthias 2018-03-10 2:15 GMT+01:00 Dr Nic Williams <drnicwilliams@...>: Specifically referencing https://docs.cloudfoundry.org/services/enable-sharing.html#enabling > Service brokers must explicitly enable service instance sharing by setting a flag in their service-level metadata object. This allows service instances, of any service plan, to be shared across organizations and spaces. The "shareable" flag must be set to true in the service-level metadata to enable service instance sharing. If the flag is set to false or is absent, sharing is disabled. From: cf-dev@... <cf-dev@...> on behalf of Dr Nic Williams <drnicwilliams@...> Sent: Saturday, March 10, 2018 11:14:01 AM To: cf-dev@... Subject: Re: [cf-dev] CF CLI v6.35.0 Release Today - service instance sharing; client credentials Reading the links thru to info in services supporting sharing - what were the ideas behind requiring service implementors to opt in; rather than leave this to CF administrators or space/org administrators to enable? From: cf-dev@... <cf-dev@...> on behalf of Jay Badenhope <jbadenhope@...> Sent: Saturday, March 10, 2018 8:53:18 AM To: cf-dev@... Subject: [cf-dev] CF CLI v6.35.0 Release Today - service instance sharing; client credentials The CF CLI team released version 6.35.0 today. Yay! Service Instance Sharing This cf CLI feature includes two new commands, `share-service` and `unshare-service`, to enable you to share service instances between spaces in the same or different orgs. Additional details here. We welcome your feedback on the new implementation. To help you track where a service instance is shared to or from, we refactored and updated the `service` command. Service Account Authentication (Client Credentials) It is now possible to authenticate with only a client ID and a secret using the `auth` command with a new `--client-credentials` flag. Before this release, users could only log in as a user (i.e. username & password with either default client id, or custom client id & secret). That meant "fake" users needed to be prepared for CI environments and scripts ("tiles" self-registration). `push` Fixes and Enhancements `v2-push` no longer accepted (previous release merged `v2-push` into `push`) Fixes problem where existing routes with customer hosts were ignored on `push`, #1321 Other Fixes and Enhancements Fixed problem where wildcards weren't allowed in routes section of app manifest, deployment #399 Plugin Updates Going forward, we ask that every plugin name matches its command name so it can be installed and uninstalled with the same name. Updated Event Alerts Plugin to 0.0.1, #198, then removed that plugin, #211 Updated top Plugin to 0.9.3, #210 Updated service-use to 1.2.2 with matching command and plugin names #213 Refactored commands `services` to enable an upcoming feature `service` (see above) `logout` to enable clearing of client credentials for Service Account Authentication (see above); will now also show user name during logout for consistency with other commands Release contributors: An Yu, Nick Wei, Sebastian Vidrio, Anande Gaitonde, Jay Badenhope, and special guest Kevin Middleton. Thanks also to our partners on the CAPI, SAPI, and UAA teams. -- Jay Badenhope Product Manager, CF CLI Pivotal Labs LinkedIn \| Twitter -- Matthias Winzeler Mattenenge 8 3011 Bern mailto: matthias.winzeler@... -- Matthias Winzeler Mattenenge 8 3011 Bern mailto: matthias.winzeler@...
More All Messages By This Member

View All 12 Messages In Topic

#7870

Join {cf-dev@lists.cloudfoundry.org to automatically receive all group messages.

Home Hashtags Subgroups Terms