From d358b9130d80f5fff492de03abf74676a06e61c3 Mon Sep 17 00:00:00 2001
From: John Dickinson <me@not.mn>
Date: Thu, 13 Dec 2018 10:45:51 -0800
Subject: [PATCH] added value and notes to a sample config file for s3token

Change-Id: I18accffb2cf6ba6a3fff6fd5d95f06a424d1d919
---
 etc/proxy-server.conf-sample | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/etc/proxy-server.conf-sample b/etc/proxy-server.conf-sample
index ea979dbfb7..2958347d13 100644
--- a/etc/proxy-server.conf-sample
+++ b/etc/proxy-server.conf-sample
@@ -598,6 +598,17 @@ auth_uri = http://keystonehost:5000/v3
 # Connect/read timeout to use when communicating with Keystone
 http_timeout = 10.0
 
+# Number of seconds to cache the S3 secret. By setting this to a positive
+# number, the S3 authorization validation checks can happen locally.
+# secret_cache_duration = 0
+
+# If S3 secret caching is enabled, Keystone auth credentials to be used to
+# validate S3 authorization must be provided here. The appropriate options
+# are the same as used in the authtoken middleware above. The values are
+# likely the same as used in the authtoken middleware.
+# Note that the Keystone auth credentials used by s3token will need to be
+# able to view all project credentials too.
+
 # SSL-related options
 # insecure = False
 # certfile =