d44ed7f18c
Expand bootstrap process to include creation of roles outlined in basic default roles spec. The bootstrap process now creates two new roles, 'reader' and 'member, in addition to the well established 'admin' role. During this process, a role implication[1] chain is created: 'admin' implies 'member' and 'member' implies 'reader'. [1] - https://developer.openstack.org/api-ref/identity/v3/#create-role-inference-rule Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> bp basic-default-roles Depends-On: https://review.openstack.org/574149 Change-Id: Ie18a269e3d1075d955fe494acaf634a393c6bd7b
16 lines
768 B
YAML
16 lines
768 B
YAML
---
|
|
features:
|
|
- |
|
|
[`blueprint basic-default-roles <https://blueprints.launchpad.net/keystone/+spec/basic-default-roles>`_]
|
|
Support has been added for deploying two new roles during the bootstrap
|
|
process, `reader` and `member`, in addition to the `admin` role.
|
|
upgrades:
|
|
- |
|
|
If the bootstrap process is re-run, and a `reader`, `member`, or `admin`
|
|
role already exists, a role implication chain will be created: `admin`
|
|
implies `member` implies `reader`. If you do not want these role
|
|
implications either skip running bootstrap or delete them after it has
|
|
completed execution. See
|
|
[`blueprint basic-default-roles <https://blueprints.launchpad.net/keystone/+spec/basic-default-roles>`_]
|
|
for more details.
|