-Description: 'ssl-source: SSL endpoint metadata for openstack'
-Parameters:
+description: 'ssl-source: SSL endpoint metadata for openstack'
+parameters:
SSLCertificate:
- Default: ''
- Description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
- Type: String
- NoEcho: true
+ default: ''
+ description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
+ type: string
+ hidden: true
SSLKey:
- Default: ''
- Description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
- Type: String
- NoEcho: true
-Resources:
- controller0Config:
- Type: AWS::AutoScaling::LaunchConfiguration
- Metadata:
- stunnel:
- cert:
- Ref: SSLCertificate
- key:
- Ref: SSLKey
- ports:
- - name: 'ec2'
- accept: 13773
- connect: 8773
- - name: 'image'
- accept: 13292
- connect: 9292
- - name: 'identity'
- accept: 13000
- connect: 5000
- - name: 'network'
- accept: 13696
- connect: 9696
- - name: 'compute'
- accept: 13774
- connect: 8774
- - name: 'swift-proxy'
- accept: 13080
- connect: 8080
- - name: 'cinder'
- accept: 13776
- connect: 8776
+ default: ''
+ description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
+ type: string
+ hidden: true
+ SSLCACertificate:
+ default: ''
+ description: If set, the contents of an SSL certificate authority file.
+ type: string
+resources:
+ SSLConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ ssl:
+ ca_certificate:
+ get_input: ssl_ca_certificate
+ stunnel:
+ cert:
+ get_input: ssl_certificate
+ key:
+ get_input: ssl_key
+ cacert:
+ get_input: ssl_ca_certificate
+ ports:
+ - name: 'ec2'
+ accept: 13773
+ connect: 8773
+ connect_host:
+ get_input: controller_host
+ - name: 'image'
+ accept: 13292
+ connect: 9292
+ connect_host:
+ get_input: controller_host
+ - name: 'identity'
+ accept: 13000
+ connect: 5000
+ connect_host:
+ get_input: controller_host
+ - name: 'network'
+ accept: 13696
+ connect: 9696
+ connect_host:
+ get_input: controller_host
+ - name: 'compute'
+ accept: 13774
+ connect: 8774
+ connect_host:
+ get_input: controller_host
+ - name: 'swift-proxy'
+ accept: 13080
+ connect: 8080
+ connect_host:
+ get_input: controller_host
+ - name: 'cinder'
+ accept: 13776
+ connect: 8776
+ connect_host:
+ get_input: controller_host
+ - name: 'ceilometer'
+ accept: 13777
+ connect: 8777
+ connect_host:
+ get_input: controller_host