You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Yes, and a very important one given unwanted minions seem to be auto accepted.
Describe the solution you'd like
The autosign_grains feature allows to set multiple grains for matching, but it seems to match on ANY grain that matches the criteria, it does not seem to match on ALL grains.
Given autosign_grains is set to match on 3 different grains like
os
domain
custom_grain
The minion should be accepted only if provide matching values for the 3 grains.
Currently, matching on 1 grain seems to be enough to accept the minion.
A minion with the right value for custom_grains but incorrect values for os and domain is automatically acceptd by the master.
Minion should be accepted only if matching on os + domain + custom grain
Additional context
Salt 3004.2, Linux and Windows minions
Is your feature request related to a problem? Please describe.
Yes, and a very important one given unwanted minions seem to be auto accepted.
Describe the solution you'd like
The autosign_grains feature allows to set multiple grains for matching, but it seems to match on ANY grain that matches the criteria, it does not seem to match on ALL grains.
Given autosign_grains is set to match on 3 different grains like
The minion should be accepted only if provide matching values for the 3 grains.
Currently, matching on 1 grain seems to be enough to accept the minion.
A minion with the right value for custom_grains but incorrect values for os and domain is automatically acceptd by the master.
Minion should be accepted only if matching on os + domain + custom grain
Additional context
Salt 3004.2, Linux and Windows minions
Please Note
If this feature request would be considered a substantial change or addition, this should go through a SEP process here https://github.com/saltstack/salt-enhancement-proposals, instead of a feature request.
The text was updated successfully, but these errors were encountered: