rgw/auth: Add service token accepted role config opt

author Tobias Urdin <tobias.urdin@binero.se>

Wed, 27 Apr 2022 06:49:21 +0000 (06:49 +0000)

committer Tobias Urdin <tobias.urdin@binero.se>

Wed, 21 Sep 2022 20:33:29 +0000 (20:33 +0000)
author Tobias Urdin <tobias.urdin@binero.se>
Wed, 27 Apr 2022 06:49:21 +0000 (06:49 +0000)
committer Tobias Urdin <tobias.urdin@binero.se>
Wed, 21 Sep 2022 20:33:29 +0000 (20:33 +0000)
diff --git a/src/common/options/rgw.yaml.in b/src/common/options/rgw.yaml.in

index caf75914507136afccaa19030b3c630c1bed2ba0..2301e42cb672207cbb134556a360948d9e91730b 100644 (file)
--- a/src/common/options/rgw.yaml.in
+++ b/src/common/options/rgw.yaml.in
@@ -681,6 +681,16 @@ options:
    services:
    - rgw
    with_legacy: true
+- name: rgw_keystone_service_token_accepted_roles
+  type: str
+  level: advanced
+  desc: Only users with one of these roles will be valid for service users.
+  fmt_desc: The users that created the service token given must have one of
+    these roles to be considered a valid service user.
+  default: admin
+  services:
+  - rgw
+  with_legacy: true
  - name: rgw_keystone_barbican_user
    type: str
    level: advanced
author	Tobias Urdin <tobias.urdin@binero.se>
	Wed, 27 Apr 2022 06:49:21 +0000 (06:49 +0000)
committer	Tobias Urdin <tobias.urdin@binero.se>
	Wed, 21 Sep 2022 20:33:29 +0000 (20:33 +0000)