15 lines
750 B
YAML
15 lines
750 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Fixes the Role Based Access Control state and capabilities to align with
|
|
OpenStack Community RBAC goals which includes support for a ``service``
|
|
role by default to enable inter-service communication to be configured
|
|
without an ``admin`` username. In large part, these changes were missed
|
|
as the Inspector service is considered an "admin-only" service.
|
|
|
|
Also in alignment with overall community position changes, where the
|
|
``admin`` role is sufficient without an explicit ``system`` scope. To
|
|
help ensure a high level of security, explicit testing was also added
|
|
for the ``manager`` role, which is unavailable as that role is reserved
|
|
for administrative functions inside of a tenant's project.
|