DNM: Disable secure RBAC as workaround

When keystone is configured with secureRBACEnforceNewDefaults set to True, RGW configured as object storage does not work as expected and produces an "Access Denied" error. After this PR: openstack-k8s-operators/keystone-operator#415 The same should be true for enableSecureRBAC=True As a workaround for this problem, use enableSecureRBAC set to False by using this patch. This allows you to test RGW other aspectes of RGW. Signed-off-by: John Fulton <fulton@redhat.com>
fultonj · May 28, 2024 · ebb0b6b · ebb0b6b
1 parent f7d6cf5
commit ebb0b6b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/lib/control-plane/openstackcontrolplane.yaml b/lib/control-plane/openstackcontrolplane.yaml
@@ -11,6 +11,7 @@ spec:
       databaseInstance: openstack
       secret: osp-secret
       barbicanAPI:
+        enableSecureRBAC: false
         replicas: 1
       barbicanWorker:
         replicas: 1
@@ -101,6 +102,7 @@ spec:
     apiOverride:
       route: {}
     template:
+      enableSecureRBAC: false
       databaseInstance: openstack
       secret: osp-secret
   manila: