openstack/puppet-swift
Code Issues Proposed changes
Files
master
puppet-swift/releasenotes/notes/system_scope-keystone-30d9867d48b6ab11.yaml
Takashi Kajinami 2f2183e9d6 Accept system scope credentials for Keystone API request 
This change is the first step to support secure RBAC and allows usage
of system scope credentials for Keystone API request.

This change covers the following three items.
 - assignment of system scope roles to system user
 - credential parameters for authtoken middleware
 - credential parameters for s3token middleware
 - credential parameters for ceilometer middleware

Depends-on: https://review.opendev.org/804325
Change-Id: I1923a5aed12a503f450c7d2e4a7784e4746fb46c
2022-01-25 15:20:39 +09:00

17 lines
449 B
YAML
Raw Permalink Blame History

---
features:
- |
The ``system_scope`` parameter has been added to the following classes.
- ``swift::proxy::authtoken``
- ``swift::proxy::ceilometer``
- ``swift::proxy::s3token``
- |
The ``swift::keystone::auth`` class now supports customizing roles
assigned to the swift service user.
- |
The ``swift::keystone::auth`` class now supports defining assignmet of
system-scoped roles to the swift service user.
View Git Blame Copy Permalink