Set service_token_roles params for nova, glance and cinder
PROD-32906
Change-Id: I2ad3d6d05c70d998c868419ffd588be7ab3ae8b0
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 94e4157..8a7b362 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -43,6 +43,8 @@
password: ${_param:keystone_nova_password}
tenant: service
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
barbican:
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index 287442e..44077a8 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -42,6 +42,8 @@
tenant: service
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
barbican:
enabled: ${_param:barbican_integration_enabled}
service_user:
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index e7f76fa..359d0d6 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -62,6 +62,8 @@
password: ${_param:keystone_nova_password}
tenant: service
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
barbican:
diff --git a/nova/control/single.yml b/nova/control/single.yml
index 0108af6..cbdfddb 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -26,6 +26,8 @@
identity:
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
network: