Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Adds service for managing securetty
[apex-tripleo-heat-templates.git] / puppet / services / keystone.yaml
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index 1761686..0976b97 100644 (file)
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -158,6 +158,12 @@ parameters:
     description: >
         Cron to purge expired tokens - User
     default: 'keystone'
+  KeystonePolicies:
+    description: |
+      A hash of policies to configure for Keystone.
+      e.g. { keystone-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
+    default: {}
+    type: json
 
 resources:
 
@@ -197,6 +203,7 @@ outputs:
             keystone::admin_token: {get_param: AdminToken}
             keystone::admin_password: {get_param: AdminPassword}
             keystone::roles::admin::password: {get_param: AdminPassword}
+            keystone::policy::policies: {get_param: KeystonePolicies}
             keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
             keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
             keystone::token_provider: {get_param: KeystoneTokenProvider}