openstack/puppet-barbican
Code Issues Proposed changes
Files
b8f86e2e0a5f605da9710a923238f4ae87c00ee5
puppet-barbican/releasenotes/notes/system_scope-keystone-dfb7566a1f8b1eab.yaml
Takashi Kajinami e3a92d7798 Accept system scope credentials for Keystone API request 
This change is the first step to support secure RBAC and allows usage
of system scope credentials for Keystone API request.

This change covers the following two items.
 - assignment of system scope roles to system user
 - credential parameters for authtoken middleware

Depends-on: https://review.opendev.org/804325
Change-Id: Ifbdde0718d1b6a6782c4f098fd152c3f636aa2c4
2021-11-25 21:11:50 +09:00

14 lines
385 B
YAML
Raw Blame History

---
features:
- |
The ``system_scope`` parameter has been added to
the ``barbican::keystone::authtoken`` class.
- |
The ``barbican::keystone::auth`` class now supports customizing roles
assigned to the barbican service user.
- |
The ``barbican::keystone::auth`` class now supports defining assignmet of
system-scoped roles to the barbican service user.
View Git Blame Copy Permalink