openstack/puppet-heat
Code Issues Proposed changes
0daf287341
puppet-heat/releasenotes/notes/system_scope-keystone-ea935e84e1f0c430.yaml
Takashi Kajinami d3a63122cb Accept system scope credentials for Keystone API request 
This change is the first step to support secure RBAC and allows usage
of system scope credentials for Keystone API request.

This change covers the following two items.
 - assignment of system scope roles to system user
 - credential parameters for authtoken middleware

Depends-on: https://review.opendev.org/804325
Change-Id: I1429b2cc6f3c01c07ec26b1a7242e451072be368
2021-11-26 00:59:17 +09:00

22 lines
620 B
YAML
Raw Blame History

---
features:
- |
The ``system_scope`` parameter has been added to
the ``heat::keystone::authtoken`` class.
- |
The ``heat::keystone::auth`` class now supports customizing roles assigned
to the heat service user.
- |
The ``heat::keystone::auth_cfn`` class now supports customizing roles
assigned to the heat service user.
- |
The ``heat::keystone::auth`` class now supports defining assignmet of
system-scoped roles to the heat service user.
- |
The ``heat::keystone::auth_cfn`` class now supports defining assignmet of
system-scoped roles to the heat service user.
View Git Blame Copy Permalink