diff --git a/jupyter/cygno_experiment.yaml b/jupyter/cygno_experiment.yaml
index f6ff48b6988b5bf06dde2aa681609ab79745b0c1..67068e257921636d5cdea9f6f4b5c89ebb4982b1 100644
--- a/jupyter/cygno_experiment.yaml
+++ b/jupyter/cygno_experiment.yaml
@@ -36,7 +36,7 @@ topology_template:
iam_url:
type: string
- default: "https://iam.cloud.infn.it"
+ default: "https://iam.cloud.infn.it/"
description: IAM Instance for end user authentication
iam_subject:
@@ -109,9 +109,17 @@ topology_template:
node_templates:
+ iam_client:
+ type: tosca.nodes.indigo.iam.client
+ properties:
+ scopes: openid email profile wlcg offline_access address wlcg.groups
+ issuer: { get_input: iam_url }
+
ml_install:
type: tosca.nodes.DODAS.single-node-jupyterhub
properties:
+ iam_client_id: { get_property : [ iam_client, client_id ] }
+ iam_token: { get_property : [ iam_client, registration_access_token ] }
iam_url: { get_input: iam_url }
iam_subject: { get_input: iam_subject }
iam_groups: { get_input: iam_groups }
diff --git a/jupyter/jupyter_matlab.yaml b/jupyter/jupyter_matlab.yaml
index 53cd074f4301f107f46e9ca717142e792798f6db..88b4962f11adaa51ba152182a62202c092f1bd09 100644
--- a/jupyter/jupyter_matlab.yaml
+++ b/jupyter/jupyter_matlab.yaml
@@ -48,7 +48,7 @@ topology_template:
iam_url:
type: string
- default: "https://iam.cloud.infn.it"
+ default: "https://iam.cloud.infn.it/"
description: IAM Instance for end user authentication
iam_subject:
@@ -109,11 +109,20 @@ topology_template:
type: tosca.datatypes.indigo.network.PortSpec
node_templates:
+
+ iam_client:
+ type: tosca.nodes.indigo.iam.client
+ properties:
+ scopes: openid email profile wlcg offline_access address wlcg.groups
+ issuer: { get_input: iam_url }
+
ml_install:
type: tosca.nodes.DODAS.single-node-jupyterhub
properties:
- letsencrypt_test: false
contact_email: { get_input: contact_email }
+ iam_client_id: { get_property : [ iam_client, client_id ] }
+ iam_token: { get_property : [ iam_client, registration_access_token ] }
+ #letsencrypt_test: false #Commented because not in tosca.nodes.DODAS.single-node-jupyterhub contact_email: { get_input: contact_email }
iam_url: { get_input: iam_url }
iam_subject: { get_input: iam_subject }
iam_groups: { get_input: iam_groups }
diff --git a/jupyter/jupyter_vm.yaml b/jupyter/jupyter_vm.yaml
index d006c7139bdc8638f11a34338c7400333722df0e..5c1f4a0f2931bab2fe7b75460806c62a88bcef51 100644
--- a/jupyter/jupyter_vm.yaml
+++ b/jupyter/jupyter_vm.yaml
@@ -50,7 +50,7 @@ topology_template:
iam_url:
type: string
- default: "https://iam.cloud.infn.it"
+ default: "https://iam.cloud.infn.it/"
description: IAM Instance for end user authentication
iam_subject:
@@ -124,9 +124,17 @@ topology_template:
node_templates:
+ iam_client:
+ type: tosca.nodes.indigo.iam.client
+ properties:
+ scopes: openid email profile wlcg offline_access address wlcg.groups
+ issuer: { get_input: iam_url }
+
ml_install:
type: tosca.nodes.DODAS.single-node-jupyterhub
properties:
+ iam_client_id: { get_property : [ iam_client, client_id ] }
+ iam_token: { get_property : [ iam_client, registration_access_token ] }
contact_email: { get_input: contact_email }
iam_url: { get_input: iam_url }
iam_subject: { get_input: iam_subject }
diff --git a/jupyter/ml_infn.yaml b/jupyter/ml_infn.yaml
index 3372f6f537cbdfdf34051cbb82523c11f9c92873..4e4f09b5c06abb4a11024792bc455e6110d16de9 100644
--- a/jupyter/ml_infn.yaml
+++ b/jupyter/ml_infn.yaml
@@ -69,7 +69,7 @@ topology_template:
iam_url:
type: string
- default: "https://iam.cloud.infn.it"
+ default: "https://iam.cloud.infn.it/"
description: IAM Instance for end user authentication
iam_subject:
@@ -155,9 +155,17 @@ topology_template:
node_templates:
+ iam_client:
+ type: tosca.nodes.indigo.iam.client
+ properties:
+ scopes: openid email profile wlcg offline_access address wlcg.groups
+ issuer: { get_input: iam_url }
+
ml_install:
type: tosca.nodes.DODAS.single-node-jupyterhub
properties:
+ iam_client_id: { get_property : [ iam_client, client_id ] }
+ iam_token: { get_property : [ iam_client, registration_access_token ] }
iam_url: { get_input: iam_url }
iam_subject: { get_input: iam_subject }
iam_groups: { get_input: iam_groups }
diff --git a/jupyter/private-net/jupyter_vm.yaml b/jupyter/private-net/jupyter_vm.yaml
index 04f202db0e32dc8d984a1b3849597037b9428112..b8645900c234e08d2f07d418ec63a605964fb948 100644
--- a/jupyter/private-net/jupyter_vm.yaml
+++ b/jupyter/private-net/jupyter_vm.yaml
@@ -49,7 +49,7 @@ topology_template:
iam_url:
type: string
- default: "https://iam.cloud.infn.it"
+ default: "https://iam.cloud.infn.it/"
description: IAM Instance for end user authentication
iam_subject:
@@ -118,9 +118,17 @@ topology_template:
node_templates:
+ iam_client:
+ type: tosca.nodes.indigo.iam.client
+ properties:
+ scopes: openid email profile wlcg offline_access address wlcg.groups
+ issuer: { get_input: iam_url }
+
ml_install:
type: tosca.nodes.DODAS.single-node-jupyterhub
properties:
+ iam_client_id: { get_property : [ iam_client, client_id ] }
+ iam_token: { get_property : [ iam_client, registration_access_token ] }
contact_email: { get_input: contact_email }
iam_url: { get_input: iam_url }
iam_subject: { get_input: iam_subject }
diff --git a/single-vm/cloud_storage_service.yaml b/single-vm/cloud_storage_service.yaml
index b99ce5bfac0d12d095af33d570f2d1e2d1425941..33fde72393715c2da9de74e2b9a3b0ae237923fe 100644
--- a/single-vm/cloud_storage_service.yaml
+++ b/single-vm/cloud_storage_service.yaml
@@ -137,7 +137,6 @@ topology_template:
properties:
scopes: openid profile email
issuer: { get_input: iam_url }
- owner: { get_input: iam_subject }
s3_data_bucket:
type: tosca.nodes.indigo.S3Bucket