Monday, 2021-12-27

*** lifeless_ is now known as lifeless08:41
noonedeadpunkhey! I'm looking into usage of service_token_roles, but I'm not quite sure I see whole design behind this. All services use `service` role as a defult, but I don't think there's such default role in keystone? and `admin` role can't be used as implied role as well?10:44
noonedeadpunkSo basically each service user must be assigned to `admin` and `service` roles?10:45
noonedeadpunkAnd there's kind of no way to make it having only `service` without huge policies re-write?10:46
noonedeadpunkwell, policy re-write be minor, but it would be required for each service10:46
noonedeadpunkwhat is recommended way to define roles for services?10:53
opendevreviewbieji proposed openstack/keystone master:, using standard library secrets function token_bytes replace with os.urandom

Generated by 2.17.3 by Marius Gedminas - find it at!