openstack/puppet-ironic
Code Issues Proposed changes
16dd50e03c
puppet-ironic/releasenotes/notes/system_scope-keystone-0ba98f21e99fd283.yaml
Takashi Kajinami 2757d7d333 Accept system scope credentials for Keystone API request 
This change is the first step to support secure RBAC and allows usage
of system scope credentials for Keystone API request.

This change covers the following two items.
 - assignment of system scope roles to system user
 - credential parameters for authtoken middleware

Depends-on: https://review.opendev.org/804325
Change-Id: I95a20233f16d652131f398b50ba0da3146e8129e
2021-11-25 23:17:34 +09:00

20 lines
599 B
YAML
Raw Blame History

---
features:
- |
The ``system_scope`` parameter has been added to the following classes.
- ``ironic::api::authtoken``
- ``ironic::inspector::authtoken``
- |
The ``ironic::keystone::auth_inspector`` class now supports customizing
roles assigned to the ironic-inspector service user.
- |
The ``ironic::keystone::auth`` class now supports defining assignmet of
system-scoped roles to the ironic service user.
- |
The ``ironic::keystone::auth_inspector`` class now supports defining
assignmet of system-scoped roles to the ironic-inspector service user.
View Git Blame Copy Permalink