From 4cd7efa6e669d6b1e8d2ebf2e01899b1957b947e Mon Sep 17 00:00:00 2001
From: Markus Hentsch <markus.hentsch@secustack.com>
Date: Wed, 20 Sep 2023 11:39:50 +0200
Subject: [PATCH] Add two links to related upstream documents and corresponding
 summaries

Signed-off-by: Markus Hentsch <markus.hentsch@secustack.com>
---
 Standards/scs-0302-v1-domain-manager-role.md | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/Standards/scs-0302-v1-domain-manager-role.md b/Standards/scs-0302-v1-domain-manager-role.md
index 0cfd62d98..1892ed163 100644
--- a/Standards/scs-0302-v1-domain-manager-role.md
+++ b/Standards/scs-0302-v1-domain-manager-role.md
@@ -160,7 +160,19 @@ A role named "`domain-manager`" is to be created via the Keystone API and the po
 
 ## Related Documents
 
-Related Documents, OPTIONAL
+### "admin"-ness not properly scoped
+
+**Description:** Upstream bug report about the underlying architectural issue of the `admin` role not being properly scoped and giving system-level admin permissions regardless of whether the `admin` role assignment was scoped to project or domain level.
+This is the main reason for the `admin` role being inappropriate to implement Domain Managers.
+
+**Link:** https://bugs.launchpad.net/keystone/+bug/968696
+
+### Consistent and Secure Default RBAC
+
+**Description:** Upstream rework of the default role definitions and hierarchy across all OpenStack services.
+Aims to introduce support for a scoped `manager` role by 2024 but only focuses on project-level scoping for this role so far, not domain-level.
+
+**Link:** https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html2
 
 ## Conformance Tests