puppet-keystone

History

Takashi Kajinami c140a44aeb Use system scope credentials to request keystone When SRBAC is enforced, Keystone allows only system admin to create resources like user, role, role assignment and etc. With this change now each provider uses system scope credential to create resources like user, endpoint and etc. This change also replaces /etc/keystone/puppet.conf by the yaml file for openstackclient(/etc/openstack/puppet/admin-clouds.yaml) This allows us to switch a system scope credential and a project scope credential, and helps us implement a new provider which requires project scope, in the future. Depends-on: https://review.opendev.org/828025 Change-Id: I27eb6b11df593581c94ef0affaf5abb8e333833b	2022-02-11 19:56:26 +09:00
..
openstack.rb	Use system scope credentials to request keystone	2022-02-11 19:56:26 +09:00

Takashi Kajinami c140a44aeb Use system scope credentials to request keystone

When SRBAC is enforced, Keystone allows only system admin to create
resources like user, role, role assignment and etc. With this change
now each provider uses system scope credential to create resources
like user, endpoint and etc.

This change also replaces /etc/keystone/puppet.conf by the yaml file
for openstackclient(/etc/openstack/puppet/admin-clouds.yaml)
This allows us to switch a system scope credential and a project
scope credential, and helps us implement a new provider which requires
project scope, in the future.

Depends-on: https://review.opendev.org/828025
Change-Id: I27eb6b11df593581c94ef0affaf5abb8e333833b

2022-02-11 19:56:26 +09:00

openstack.rb

Use system scope credentials to request keystone

2022-02-11 19:56:26 +09:00