Bug 1741889

Summary: [RFE] Configure read only role in policy.json for barbican
Product: Red Hat OpenStack Reporter: Federico Iezzi <fiezzi>
Component: rhosp-directorAssignee: RHOS Maint <rhos-maint>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: 13.0 (Queens)CC: augol, dbecker, djuran, hrybacki, mburns, morazi
Target Milestone: ---Keywords: FutureFeature, ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-07-21 15:50:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Federico Iezzi 2019-08-16 10:55:17 UTC 
1. Proposed title of this feature request  
Need barbican policy to be configured to include a read-only role.
  
2. What is the nature and description of the request?  
Customer(s) has the requirement of read-only admin role for all OpenStack core services.

3. Why does the customer need this? (List the business requirements here)  
  A read-only admin user is necessary for customer environment.

Additional info:
The following bug is raised for keystone to add role.
This role can be configured in policy file.
Bug 1228474 - [RFE] Read only role for tenant access (edit) 
https://blueprints.launchpad.net/keystone/+spec/admin-readonly-role