Set service_token_roles params for nova, glance and cinder
PROD-32906
Change-Id: I2ad3d6d05c70d998c868419ffd588be7ab3ae8b0
diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 325c6a5..7541d28 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml
@@ -61,6 +61,8 @@
password: ${_param:keystone_nova_password}
tenant: service
protocol: ${_param:cluster_internal_protocol}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
barbican:
diff --git a/nova/control/single.yml b/nova/control/single.yml
index 11a0f53..e964f76 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml
@@ -25,6 +25,8 @@
identity:
protocol: ${_param:cluster_internal_protocol}
region: ${_param:openstack_region}
+ service_token_roles: admin
+ service_token_roles_required: true
service_user:
enabled: ${_param:nova_service_user_enabled}
network: