Ability to define service_token_roles
PROD-32905
Change-Id: I53f7ee822f4c189eaf9d9896f3a7433fb356a641
diff --git a/glance/files/pike/glance-api.conf.Debian b/glance/files/pike/glance-api.conf.Debian
index 6b5de03..9661c38 100644
--- a/glance/files/pike/glance-api.conf.Debian
+++ b/glance/files/pike/glance-api.conf.Debian
@@ -3283,6 +3283,12 @@
{%- endif %}
{%- endif %}
{%- endif %}
+{%- if server.identity.service_token_roles is defined %}
+service_token_roles = {{ server.identity.service_token_roles }}
+{%- endif %}
+{%- if server.identity.service_token_roles_required is defined %}
+service_token_roles_required = {{ server.identity.service_token_roles_required }}
+{%- endif %}
#
# From keystonemiddleware.auth_token
#
diff --git a/glance/files/pike/glance-registry.conf.Debian b/glance/files/pike/glance-registry.conf.Debian
index 34777d4..9657420 100644
--- a/glance/files/pike/glance-registry.conf.Debian
+++ b/glance/files/pike/glance-registry.conf.Debian
@@ -1208,6 +1208,12 @@
{%- endif %}
{%- endif %}
{%- endif %}
+{%- if server.identity.service_token_roles is defined %}
+service_token_roles = {{ server.identity.service_token_roles }}
+{%- endif %}
+{%- if server.identity.service_token_roles_required is defined %}
+service_token_roles_required = {{ server.identity.service_token_roles_required }}
+{%- endif %}
# Complete "public" Identity API endpoint. This endpoint should not be an
# "admin" endpoint, as it should be accessible by all end users. Unauthenticated
# clients are redirected to this endpoint to authenticate. Although this