openstack/puppet-neutron
Code Issues Proposed changes
master
puppet-neutron/releasenotes/notes/system_scope-keystone-024e391d7b20ed8b.yaml
Takashi Kajinami a528fe3c4e Accept system scope credentials for Keystone API request 
This change is the first step to support secure RBAC and allows usage
of system scope credentials for Keystone API request.

This change covers the following two items.
 - assignment of system scope roles to system user
 - credential parameters for authtoken middleware

Note that the credential parameters for authtoken middleware are
used in some providers, and these providers still require a project
scope credential. This will be fixed by the subsequent change.

Depends-on: https://review.opendev.org/804325
Change-Id: I8b73f04bd10d0129c7437c6f9c6a436b6171f39d
2021-11-26 22:23:46 +09:00

14 lines
380 B
YAML
Raw Permalink Blame History

---
features:
- |
The ``system_scope`` parameter has been added to
the ``neutron::keystone::authtoken`` class.
- |
The ``neutron::keystone::auth`` class now supports customizing roles
assigned to the neutron service user.
- |
The ``neutron::keystone::auth`` class now supports defining assignmet of
system-scoped roles to the neutron service user.
View Git Blame Copy Permalink