puppet-manila/system_scope-all-4a661d5cc27d448a.yaml at bc10dfefdecb83c39b2309d4486cf38ad574890c - puppet-manila - OpenDev: Free Software Needs Free Tools

openstack/puppet-manila

Takashi Kajinami bc10dfefde Globally support system scope credentials

After spending huge effort to understand the exact requirements to
enforce SRBAC, we learned it's very difficult to find the required
scope in each credential. This requires understanding implementation of
client-side as well as server-side, and requirement might be different
according to the deployment architecture or features used.

Instead of implementing support based on the actual implementation,
this introduces support for system scope credentials to all places
where keystone user credential is defined, and make all credential
configurations consistent.

Change-Id: I6e9a3d93f33069c2f1f7bc10c48ad61ce9357682

2022-03-04 01:54:33 +09:00

10 lines

233 B

YAML

Raw Blame History

 ---
 features:
   - |
     The new ``system_scope`` parameter has been added to the following classes.
     - ``manila::compute::nova``
     - ``manila::image::glance``
     - ``manila::network::neutron``
     - ``manila::volume::cinder``