2 files changed, 5 insertions, 5 deletions

diff --git a/puppet/modules/site_couchdb/manifests/add_users.pp b/puppet/modules/site_couchdb/manifests/add_users.pp
index c83b096d..e525d01a 100644
--- a/puppet/modules/site_couchdb/manifests/add_users.pp
+++ b/puppet/modules/site_couchdb/manifests/add_users.pp
@@ -17,7 +17,7 @@ class site_couchdb::add_users {
   }
 
   couchdb::add_user { $site_couchdb::couchdb_webapp_user:
-    roles   => '["auth"]',
+    roles   => '["auth","identities"]',
     pw      => $site_couchdb::couchdb_webapp_pw,
     salt    => $site_couchdb::couchdb_webapp_salt,
     require => Couchdb::Query::Setup['localhost']
diff --git a/puppet/modules/site_couchdb/manifests/create_dbs.pp b/puppet/modules/site_couchdb/manifests/create_dbs.pp
index b5404231..a734c870 100644
--- a/puppet/modules/site_couchdb/manifests/create_dbs.pp
+++ b/puppet/modules/site_couchdb/manifests/create_dbs.pp
@@ -1,10 +1,10 @@
 class site_couchdb::create_dbs {
 
-  # leap_mx will want access to this. Granting access to the soledad user
-  # via the auth group for now.
-  # leap_mx could use that for a start.
+  # identities database
+  # r/w: webapp
+  # r: nickserver, leap_mx - need to restrict with design document
   couchdb::create_db { 'identities':
-    members => "{ \"names\": [], \"roles\": [\"auth\"] }",
+    members => "{ \"names\": [], \"roles\": [\"identities\"] }",
     require => Couchdb::Query::Setup['localhost']
   }