diff --git a/group_vars/all.yml.sample b/group_vars/all.yml.sample index 8f5dafb6c..351d36e76 100644 --- a/group_vars/all.yml.sample +++ b/group_vars/all.yml.sample @@ -294,31 +294,6 @@ dummy: # https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md #radosgw_civetweb_options: "port={{ radosgw_civetweb_bind_ip }}:{{ radosgw_civetweb_port }} num_threads={{ radosgw_civetweb_num_threads }}" #radosgw_keystone: false # activate OpenStack Keystone options full detail here: http://ceph.com/docs/master/radosgw/keystone/ -#radosgw_keystone_url: # url:admin_port ie: http://192.168.0.1:35357 -#radosgw_keystone_api_version: 2 # API versions 2 and 3 are supported -#radosgw_keystone_ssl: true # Can be used to disable PKI revocation checks when other token types are used. -# for admin_token method, define radosgw_keystone_admin_token -# for auth_token method, define _user, _password, and _tenant -#radosgw_keystone_auth_method: admin_token -#radosgw_keystone_admin_token: password -#radosgw_keystone_admin_user: username -#radosgw_keystone_admin_password: password -#radosgw_keystone_admin_tenant: tenant -#radosgw_keystone_admin_domain: default -#radosgw_keystone_accepted_roles: Member, _member_, admin -#radosgw_keystone_token_cache_size: 10000 -#radosgw_keystone_revocation_internal: 900 -#radosgw_s3_auth_use_keystone: "true" -#radosgw_nss_db_path: /var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss -# Settings for the RGW usage logging described at http://docs.ceph.com/docs/jewel/man/8/radosgw/#usage-logging -#radosgw_usage_log: false -#radosgw_usage_log_tick_interval: 30 -#radosgw_usage_log_flush_threshold: 1024 -#radosgw_usage_max_shards: 32 -#radosgw_usage_max_user_shards: 1 -# Settings for static website hosting -#radosgw_static_website: false -#radosgw_dns_s3website_name: your.subdomain.tld # subdomain used by radosgw for website bucket hosting. # Rados Gateway options #email_address: foo@bar.com 
diff --git a/profiles/rgw-keystone-v2 b/profiles/rgw-keystone-v2
new file mode 100644
index 000000000..5415dc000
--- /dev/null
+++ b/profiles/rgw-keystone-v2
@@ -0,0 +1,30 @@
+---
+# THIS FILE IS AN EXAMPLE THAT CONTAINS A SET OF VARIABLE FOR A PARTICULAR PURPOSE
+# GOAL: CONFIGURE RADOS GATEWAY WITH KEYSTONE V2
+#
+# The following variables should be added in your group_vars/rgws file
+# The double quotes are important, do NOT remove them.
+
+
+ceph_conf_overrides:
+ "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}":
+ "rgw keystone api version": "2"
+ "rgw keystone url": "http://192.168.0.1:35357"
+ "rgw keystone admin token": "password"
+ "rgw keystone admin tenant": "admin"
+ "rgw keystone accepted roles": "Member, _member_, admin"
+ "rgw keystone token cache size": "10000"
+ "rgw keystone revocation interval": "900"
+ "rgw s3 auth use keystone": "true"
+ "nss db path": "/var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss"
+
+
+# NOTE (leseb): to authentivate with Keystone you have two options:
+# * using a token (like shown above)
+# - "rgw keystone admin token" = admin"
+# - "rgw keystone token cache size" = 10000"
+#
+# * use credential:
+# - "rgw keystone admin user" = "admin"
+# - "rgw keystone admin password" = "password"
+#
diff --git a/profiles/rgw-keystone-v3 b/profiles/rgw-keystone-v3
new file mode 100644
index 000000000..4635d9130
--- /dev/null
+++ b/profiles/rgw-keystone-v3
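Review bot: The sample puts the Keystone admin secret inline as `"rgw keystone admin token": "password"` and points `"rgw keystone url"` at a plain `http://` admin endpoint, so a profile copied as-is leaves the shared token in group_vars and in the rendered ceph.conf, and it would travel unencrypted to Keystone. Ceph's Keystone documentation advises against the shared admin token in production, so I would make the service-user form the primary example and read the secret from a vaulted variable, e.g. `"rgw keystone admin password": "{{ rgw_keystone_admin_password }}"` (constructed variable name), with an `https://` URL. A comment above `ceph_conf_overrides` such as `# Do not commit real tokens or passwords; reference an ansible-vault variable instead.` would help either way. The same applies to profiles/rgw-keystone-v3.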
@@ -0,0 +1,31 @@
+---
+# THIS FILE IS AN EXAMPLE THAT CONTAINS A SET OF VARIABLE FOR A PARTICULAR PURPOSE
+# GOAL: CONFIGURE RADOS GATEWAY WITH KEYSTONE V3
+#
+# The following variables should be added in your group_vars/rgws file
+# The double quotes are important, do NOT remove them.
+
+
+ceph_conf_overrides:
+ "client.rgw.{{ hostvars[inventory_hostname]['ansible_hostname'] }}":
+ "rgw keystone api version": "3"
+ "rgw keystone url": "http://192.168.0.1:35357"
+ "rgw keystone admin token": "password"
+ "rgw keystone admin project": "admin"
+ "rgw keystone admin domain": "default"
+ "rgw keystone accepted roles": "Member, _member_, admin"
+ "rgw keystone token cache size": "10000"
+ "rgw keystone revocation interval": "900"
+ "rgw s3 auth use keystone": "true"
+ "nss db path": "/var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss"
+
+
+# NOTE (leseb): to authentivate with Keystone you have two options:
+# * using a token (like shown above)
+# - "rgw keystone admin token" = admin"
+# - "rgw keystone token cache size" = 10000"
+#
+# * use credential:
+# - "rgw keystone admin user" = "admin"
+# - "rgw keystone admin password" = "password"
+#
diff --git a/roles/ceph-common/defaults/main.yml b/roles/ceph-common/defaults/main.yml
index 4cf298840..1a45f94bc 100644
--- a/roles/ceph-common/defaults/main.yml
+++ b/roles/ceph-common/defaults/main.yml
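Review bot: The closing NOTE block is hard to follow: `authentivate` is a typo, `= admin"` and `= 10000"` have unbalanced quotes, and the token option lists `"rgw keystone token cache size"`, which looks like a cache setting rather than part of the authentication choice. For v3 it also leaves out `"rgw keystone admin project"` and `"rgw keystone admin domain"`, which the sample sets next to the token but which, as far as I can tell from the Ceph docs, belong to the user/password option, so a reader switching methods cannot tell which keys to keep. I would reword the two bullets as `# * token: "rgw keystone admin token"` and `# * credentials: "rgw keystone admin user", "rgw keystone admin password", plus the admin project and domain`. profiles/rgw-keystone-v2 carries the same block, with `"rgw keystone admin tenant"` in place of project and domain.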
@@ -286,31 +286,6 @@ radosgw_civetweb_num_threads: 100 # https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md radosgw_civetweb_options: "port={{ radosgw_civetweb_bind_ip }}:{{ radosgw_civetweb_port }} num_threads={{ radosgw_civetweb_num_threads }}" radosgw_keystone: false # activate OpenStack Keystone options full detail here: http://ceph.com/docs/master/radosgw/keystone/ -#radosgw_keystone_url: # url:admin_port ie: http://192.168.0.1:35357 -radosgw_keystone_api_version: 2 # API versions 2 and 3 are supported -radosgw_keystone_ssl: true # Can be used to disable PKI revocation checks when other token types are used. -# for admin_token method, define radosgw_keystone_admin_token -# for auth_token method, define _user, _password, and _tenant -radosgw_keystone_auth_method: admin_token -radosgw_keystone_admin_token: password -radosgw_keystone_admin_user: username -radosgw_keystone_admin_password: password -radosgw_keystone_admin_tenant: tenant -radosgw_keystone_admin_domain: default -radosgw_keystone_accepted_roles: Member, _member_, admin -radosgw_keystone_token_cache_size: 10000 -radosgw_keystone_revocation_internal: 900 -radosgw_s3_auth_use_keystone: "true" -radosgw_nss_db_path: /var/lib/ceph/radosgw/ceph-radosgw.{{ ansible_hostname }}/nss -# Settings for the RGW usage logging described at http://docs.ceph.com/docs/jewel/man/8/radosgw/#usage-logging -radosgw_usage_log: false -radosgw_usage_log_tick_interval: 30 -radosgw_usage_log_flush_threshold: 1024 -radosgw_usage_max_shards: 32 -radosgw_usage_max_user_shards: 1 -# Settings for static website hosting -radosgw_static_website: false -radosgw_dns_s3website_name: your.subdomain.tld # subdomain used by radosgw for website bucket hosting. # Rados Gateway options email_address: foo@bar.com diff --git a/roles/ceph-common/templates/ceph.conf.j2 b/roles/ceph-common/templates/ceph.conf.j2 index 34b1a8d4f..1179c428a 100644 --- a/roles/ceph-common/templates/ceph.conf.j2 
+++ b/roles/ceph-common/templates/ceph.conf.j2 
@@ -127,34 +127,12 @@ host = {{ hostvars[host]['ansible_hostname'] }}
 {% for host in groups[rgw_group_name] %}
 {% if hostvars[host]['ansible_hostname'] is defined %}
 [client.rgw.{{ hostvars[host]['ansible_hostname'] }}]
-{% if radosgw_dns_name is defined %}
-rgw dns name = {{ radosgw_dns_name }}
-{% endif %}
 host = {{ hostvars[host]['ansible_hostname'] }}
 keyring = /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ hostvars[host]['ansible_hostname'] }}/keyring
 rgw socket path = /tmp/radosgw-{{ hostvars[host]['ansible_hostname'] }}.sock
 log file = /var/log/ceph/{{ cluster }}-rgw-{{ hostvars[host]['ansible_hostname'] }}.log
 rgw data = /var/lib/ceph/radosgw/{{ cluster }}-rgw.{{ hostvars[host]['ansible_hostname'] }}
-rgw frontends = civetweb {{ radosgw_civetweb_options }}
-rgw resolve cname = {{ radosgw_resolve_cname | bool }}
-{% if radosgw_keystone %}
-rgw keystone url = {{ radosgw_keystone_url }}
-rgw keystone api version = {{ radosgw_keystone_api_version }}
-{% if radosgw_keystone_auth_method == 'admin_token' %}
-rgw keystone admin token = {{ radosgw_keystone_admin_token }}
-{% elif radosgw_keystone_auth_method == 'auth_token' %}
-rgw keystone admin user = {{ radosgw_keystone_admin_user }}
-rgw keystone admin password = {{ radosgw_keystone_admin_password }}
-rgw keystone admin tenant = {{ radosgw_keystone_admin_tenant }}
-rgw keystone admin domain = {{ radosgw_keystone_admin_domain }}
-{% endif %}
-rgw keystone accepted roles = {{ radosgw_keystone_accepted_roles }}
-rgw keystone token cache size = {{ radosgw_keystone_token_cache_size }}
-rgw keystone revocation interval = {{ radosgw_keystone_revocation_internal }}
-rgw s3 auth use keystone = {{ radosgw_s3_auth_use_keystone }}
-{% if radosgw_keystone_ssl | bool %}
-nss db path = {{ radosgw_nss_db_path }}
-{% endif %}
+rgw frontends = civetweb port={{ radosgw_civetweb_bind_ip }}:{{ radosgw_civetweb_port }} num_threads={{ radosgw_civetweb_num_threads }}
 {% endif %}
 {% if radosgw_usage_log | bool %}
 rgw enable usage log = true
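Review bot: The context lines at the end of this hunk still evaluate `{% if radosgw_usage_log | bool %}`, and the next hunk still renders `radosgw_static_website` and `radosgw_dns_s3website_name`, but this commit deletes the defaults for all of them from roles/ceph-common/defaults/main.yml. Unless they are defined somewhere not shown here, rendering ceph.conf would likely stop on an undefined variable whenever the rgw group has a host. Either drop those blocks from the template as well or guard them, e.g. `{% if radosgw_usage_log | default(false) | bool %}`. The `{% endif %}` kept after the new `rgw frontends` line also now appears to close the `ansible_hostname is defined` test. If so, the usage-log and static-website settings, which continue past this hunk, are emitted even when no `[client.rgw.*]` header was written.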
@@ -167,7 +145,6 @@ rgw usage max user shards = {{ radosgw_usage_max_user_shards }} rgw enable static website = {{ radosgw_static_website }} rgw dns s3website name = {{ radosgw_dns_s3website_name }} {% endif %} -{% endif %} {% endfor %} {% endif %}