> Is there any existing need for impersonation?
Yes, AFAIK all of the current use-cases for trusts (heat/solum/ceilometer) require impersonation.
If we need to add a temporary check which denies creating a trust with a trust-scoped token, that sounds fine to me, but then I'd like to get a spec worked out asap for explicit chaining, which is what I tried to specify in the trusts-chained-delegation BP (which was marked implemented for Icehouse), but clearly didn't explain very well because limited-use-trusts got implemented instead :)
I'm happy to work with ayoung to define a spec which enables a limited chain of delegation, and do the work to implement it, as it is needed for Solum/Heat interoperability ref bug #1317293 (and potentially heat/ceilometer too)