Skip to content

Commit 9be2c10

Browse files
federicaagostinifedericaagostini
committed
Improve VOMS-AA doc
1 parent 46c7919 commit 9be2c10

File tree

1 file changed

+3
-1
lines changed
  • content/en/docs/tasks/deployment/voms

1 file changed

+3
-1
lines changed

content/en/docs/tasks/deployment/voms/_index.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,9 @@ following variables:
7070

7171
- `VOMS_AA_HOST`: host name used to access the VOMS AA service
7272
- `VOMS_AA_PORT` VOMS AA port
73-
- `VOMS_AA_VO`: VO served by the VOMS AA service
73+
- `VOMS_AA_VO`: VO served by the VOMS AA service (lower case).
74+
75+
A top level group equal to `VOMS_AA_VO` must be defined in IAM. The attributes appearing in the VOMS proxy include all the sub-groups of the parent group equal to the VO name. Top level groups different from the VO name may be still be used for group-based authorization with JWTs, but will not appear in the proxy.
7476

7577
You also need to create a VOMS AA YAML configuration file with the content below (its content should
7678
be generic as it relies on standard environment variables used to configure the login service) and map it

0 commit comments

Comments
 (0)