From 362af54d37d597d90ae8debae089831a8dea4e3d Mon Sep 17 00:00:00 2001 From: Joao Victor Portal Date: Mon, 19 Sep 2022 16:36:54 -0300 Subject: [PATCH] Update LDAP playbook doc Added documentation for optional parameter "user_role" in "manage_local_ldap_account.yml" playbook. Story: 2010149 Task: 46351 Depends-on: https://review.opendev.org/c/starlingx/ansible-playbooks/+/857982 Signed-off-by: Joao Victor Portal Change-Id: I29df15ab403f213e5bd328155ad907251b7b56d6 --- .../manage-local-ldap-39fe3a85a528.rst | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/doc/source/security/kubernetes/manage-local-ldap-39fe3a85a528.rst b/doc/source/security/kubernetes/manage-local-ldap-39fe3a85a528.rst index bcf34d085..4c1dba566 100644 --- a/doc/source/security/kubernetes/manage-local-ldap-39fe3a85a528.rst +++ b/doc/source/security/kubernetes/manage-local-ldap-39fe3a85a528.rst @@ -127,6 +127,23 @@ password will be prompted during runtime. execute commands with root privileges on the |DC|/Standalone system and associated |DC| Subclouds. +- ``user_role`` (optional): + + ``admin`` + Set the keystone role of the user to be created as ``admin``. + This role has permissions to execute all StarlingX CLI commands. + This is the default value when not specified. + + ``member`` + Set the keystone role of the user to be created as ``member``. + This role is for future use, currently it has the same permissions as + keystone ``reader`` role. + + ``reader`` + Set the keystone role of the user to be created as ``reader``. + This role has permissions to only execute passive display-type + (e.g. list, get) StarlingX CLI commands. + - ``password_change_period``: ````