#
# BalancePeriod determines the interval between start times of
# successive scan/balance operations. If a scan/balance operation
- # takes longer than RunPeriod, the next one will follow it
+ # takes longer than BalancePeriod, the next one will follow it
# immediately.
#
# If SIGUSR1 is received during an idle period between operations,
UUIDTTL: 5s
# Block cache entries. Each block consumes up to 64 MiB RAM.
- MaxBlockEntries: 4
+ MaxBlockEntries: 20
# Collection cache entries.
MaxCollectionEntries: 1000
AuthenticationRequestParameters:
SAMPLE: ""
+ # Accept an OIDC access token as an API token if the OIDC
+ # provider's UserInfo endpoint accepts it.
+ #
+ # AcceptAccessTokenScope should also be used when enabling
+ # this feature.
+ AcceptAccessToken: false
+
+ # Before accepting an OIDC access token as an API token, first
+ # check that it is a JWT whose "scope" value includes this
+ # value. Example: "https://zzzzz.example.com/" (your Arvados
+ # API endpoint).
+ #
+ # If this value is empty and AcceptAccessToken is true, all
+ # access tokens will be accepted regardless of scope,
+ # including non-JWT tokens. This is not recommended.
+ AcceptAccessTokenScope: ""
+
PAM:
# (Experimental) Use PAM to authenticate users.
Enable: false
# Default value zero means tokens don't have expiration.
TokenLifetime: 0s
+ # If true (default) tokens issued through login are allowed to create
+ # new tokens.
+ # If false, tokens issued through login are not allowed to
+ # viewing/creating other tokens. New tokens can only be created
+ # by going through login again.
+ IssueTrustedTokens: true
+
# When the token is returned to a client, the token itself may
- # be restricted from manipulating other tokens based on whether
+ # be restricted from viewing/creating other tokens based on whether
# the client is "trusted" or not. The local Workbench1 and
# Workbench2 are trusted by default, but if this is a
# LoginCluster, you probably want to include the other Workbench
StorageClasses:
default: true
SAMPLE: true
- Driver: s3
+ Driver: S3
DriverParameters:
# for s3 driver -- see
# https://doc.arvados.org/install/configure-s3-object-storage.html
IAMRole: aaaaa
- AccessKey: aaaaa
- SecretKey: aaaaa
+ AccessKeyID: aaaaa
+ SecretAccessKey: aaaaa
Endpoint: ""
Region: us-east-1a
Bucket: aaaaa
<img src="/arvados-logo-big.png" style="width: 20%; float: right; padding: 1em;" />
<h2>Please log in.</h2>
- <p>The "Log in" button below will show you a sign-in
- page. After you log in, you will be redirected back to
- Arvados Workbench.</p>
-
<p>If you have never used Arvados Workbench before, logging in
for the first time will automatically create a new
account.</p>
- <i>Arvados Workbench uses your name and email address only for
+ <i>Arvados Workbench uses your information only for
identification, and does not retrieve any other personal
information.</i>