Folks,
I have recently deployed openstack 2023.1 using kolla-ansible and after setting up magnum I noticed the following policy error when obtaining cards. After reading [1] the policy file looks like it needs a reader role to obtain a certificate. I have assigned the "reader" role to the user but still getting the same error message and no luck.
$ openstack role add --user user1 --user-domain mydomain1 --project myproject1 reader
# Reload User Creds RC file.
$ openstack coe cluster config dev2
Policy doesn't allow certificate:get to be performed (HTTP 403) (Request-ID: req-7445ef3c-52a3-4911-97f6-1fb25d9fac1f)
What else could be wrong here?