aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/keystone.yaml
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-03-30 05:29:22 +0000
committerGerrit Code Review <review@openstack.org>2017-03-30 05:29:22 +0000
commit313ece74cd7dd7a715f345038dbe78ec107a9afd (patch)
tree51676d6121f238f1a0886a7fe4e6c1eacc2e30f4 /puppet/services/keystone.yaml
parent0ae9d9b346f1c5d7e29b8f281474577eca260670 (diff)
parent91053af09dace8dba65c9e5b72eb7de15fd69522 (diff)
Merge "Allow to configure policy.json for OpenStack projects"
Diffstat (limited to 'puppet/services/keystone.yaml')
-rw-r--r--puppet/services/keystone.yaml7
1 files changed, 7 insertions, 0 deletions
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index 17616867..0976b97c 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -158,6 +158,12 @@ parameters:
description: >
Cron to purge expired tokens - User
default: 'keystone'
+ KeystonePolicies:
+ description: |
+ A hash of policies to configure for Keystone.
+ e.g. { keystone-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
+ default: {}
+ type: json
resources:
@@ -197,6 +203,7 @@ outputs:
keystone::admin_token: {get_param: AdminToken}
keystone::admin_password: {get_param: AdminPassword}
keystone::roles::admin::password: {get_param: AdminPassword}
+ keystone::policy::policies: {get_param: KeystonePolicies}
keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
keystone::token_provider: {get_param: KeystoneTokenProvider}