diff --git a/patrole_tempest_plugin/rbac_policy_parser.py b/patrole_tempest_plugin/rbac_policy_parser.py
index d4e989bd..1047d37e 100644
--- a/patrole_tempest_plugin/rbac_policy_parser.py
+++ b/patrole_tempest_plugin/rbac_policy_parser.py
@@ -81,7 +81,7 @@ class RbacPolicyParser(object):
         path = getattr(CONF.rbac, '%s_policy_file' % str(service), None)
         if not path:
             LOG.info("No config option found for %s,"
-                     " using default path" % str(service))
+                     " using default path", str(service))
             path = os.path.join('/etc', service, 'policy.json')
         self.path = path
         self.rules = policy.Rules.load(self._get_policy_data(service),
diff --git a/patrole_tempest_plugin/rbac_rule_validation.py b/patrole_tempest_plugin/rbac_rule_validation.py
index d77b2d65..60a0f101 100644
--- a/patrole_tempest_plugin/rbac_rule_validation.py
+++ b/patrole_tempest_plugin/rbac_rule_validation.py
@@ -104,7 +104,7 @@ def action(service, rule='', admin_only=False, expected_error_code=403,
                            (role, rule))
                     LOG.error(msg)
                     raise exceptions.Forbidden(
-                        "%s exception was: %s" % (msg, e))
+                        "%s Exception was: %s" % (msg, e))
             except Exception as e:
                 exc_info = sys.exc_info()
                 error_details = exc_info[1].__str__()
@@ -115,7 +115,7 @@ def action(service, rule='', admin_only=False, expected_error_code=403,
                 six.reraise(exc_info[0], exc_info[0](msg), exc_info[2])
             else:
                 if not allowed:
-                    LOG.error("Role %s was allowed to perform %s" %
+                    LOG.error("Role %s was allowed to perform %s",
                               (role, rule))
                     raise rbac_exceptions.RbacOverPermission(
                         "OverPermission: Role %s was allowed to perform %s" %
diff --git a/patrole_tempest_plugin/tests/unit/test_rbac_rule_validation.py b/patrole_tempest_plugin/tests/unit/test_rbac_rule_validation.py
index 41af3b23..369c5636 100644
--- a/patrole_tempest_plugin/tests/unit/test_rbac_rule_validation.py
+++ b/patrole_tempest_plugin/tests/unit/test_rbac_rule_validation.py
@@ -255,7 +255,8 @@ class RBACRuleValidationTest(base.TestCase):
                       "sentinel.action"), e.__str__())
 
         mock_log.error.assert_called_once_with(
-            "Role Member was allowed to perform sentinel.action")
+            'Role %s was allowed to perform %s', ('Member',
+                                                  mock.sentinel.action))
 
     @mock.patch.object(rbac_rv, 'rbac_policy_parser', autospec=True)
     def test_invalid_policy_rule_throws_parsing_exception(
diff --git a/tox.ini b/tox.ini
index be355099..d2e83e96 100644
--- a/tox.ini
+++ b/tox.ini
@@ -53,9 +53,9 @@ commands =
 commands = oslo_debug_helper -t patrole_tempest_plugin/tests {posargs}
 
 [flake8]
-# E123, E125 skipped as they are invalid PEP-8.
-
+enable-extensions = H106,H203,H904
 show-source = True
+# E123, E125 skipped as they are invalid PEP-8.
 ignore = E123,E125
 builtins = _
 exclude=.venv,.git,.tox,dist,doc,*lib/python*,*egg,build