Monday, 2021-12-27

« Friday, 2021-12-24 Index Monday, 2022-01-03 »
*** lifeless_ is now known as lifeless08:41
noonedeadpunkhey! I'm looking into usage of service_token_roles, but I'm not quite sure I see whole design behind this. All services use `service` role as a defult, but I don't think there's such default role in keystone? and `admin` role can't be used as implied role as well?10:44
noonedeadpunkSo basically each service user must be assigned to `admin` and `service` roles?10:45
noonedeadpunkAnd there's kind of no way to make it having only `service` without huge policies re-write?10:46
noonedeadpunkwell, policy re-write be minor, but it would be required for each service10:46
noonedeadpunkwhat is recommended way to define roles for services?10:53
opendevreviewbieji proposed openstack/keystone master: https://www.python.org/dev/peps/pep-0506/, using standard library secrets function token_bytes replace with os.urandom  https://review.opendev.org/c/openstack/keystone/+/82276715:38
« Friday, 2021-12-24 Index Monday, 2022-01-03 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!