diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml
index 1ab5eb0cfc9b5b5e6a62882bfb9291e12bc1d1dc..71ad9434800f3f50c631fa0885f95fffe89baf4e 100644
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@@ -252,7 +252,7 @@ nova_pool_pgp_num: "{{ ceph_pool_pgp_num }}"
 nova_hw_disk_discard: "unmap"
 
 ceph_client_nova_keyring_caps:
-  mon: 'allow r'
+  mon: 'allow r, allow command "osd blacklist"'
   osd: >-
     allow class-read object_prefix rbd_children,
     allow rwx pool={{ ceph_cinder_pool_name }},