diff options
author | Lance Bragstad <lbragstad@gmail.com> | 2020-11-18 21:16:05 +0000 |
---|---|---|
committer | Julia Kreger <juliaashleykreger@gmail.com> | 2021-02-22 05:49:11 -0800 |
commit | ff883486e62e394b03ed7c6e6911ca082e599586 (patch) | |
tree | 0f7f02886dcea39535066197fe794ed41839c6a8 /releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml | |
parent | 9e773d96cae24436afc3cf9aff30f40d558678af (diff) | |
download | ironic-ff883486e62e394b03ed7c6e6911ca082e599586.tar.gz |
Implement system scoped RBAC for node and driver passthru
This commit updates the policies for baremetal passthru policies to understand
scope checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC experience and
improve security.
Change-Id: I31a258e0ce7db7e931e62f2a06e610857dabdd47
Diffstat (limited to 'releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml')
-rw-r--r-- | releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml b/releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml index 20ff567da..d6bf79999 100644 --- a/releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml +++ b/releasenotes/notes/system-scoped-authentication-28e3651de250bea8.yaml @@ -3,7 +3,7 @@ features: - | The Baremetal API, provided by the ironic-api process, now supports use of ``system`` scoped ``keystone`` authentication for the following endpoints: - nodes, ports, portgroups, chassis, drivers + nodes, ports, portgroups, chassis, drivers, vendor passthru. upgrade: - | Deprecated policy rules are not expressed via a default policy file |