Comment 1 for bug 1743603

Warning message is triggered only if some service makes a call to keystone, but in case of non-keystone service calls like nova calling cinder, the request is going through 'authtoken' middleware[0] in paste pipeline which initializes keystonemiddleware.auth_token.BaseAuthProtocol[1] by loading 'service_token_roles', 'service_token_roles_required'[2] from cinder.conf file .

[0][filter:authtoken]
   paste.filter_factory = keystonemiddleware.auth_token:filter_factory

[1] https://github.com/openstack/keystonemiddleware/blob/stable/pike/keystonemiddleware/auth_token/__init__.py#L565-L570

[2]
[keystone_authtoken]
service_token_roles_required = True
service_token_roles = admin