diff --git a/base-helm-configs/heat/heat-helm-overrides.yaml b/base-helm-configs/heat/heat-helm-overrides.yaml
index ddf8488d..976efd72 100644
--- a/base-helm-configs/heat/heat-helm-overrides.yaml
+++ b/base-helm-configs/heat/heat-helm-overrides.yaml
@@ -326,6 +326,7 @@ conf:
   policy: {}
   heat:
     DEFAULT:
+      server_keystone_endpoint_type: public
       log_config_append: /etc/heat/logging.conf
       num_engine_workers: 1
       trusts_delegated_roles: ""
@@ -335,6 +336,7 @@ conf:
       auth_version: v3
       memcache_security_strategy: ENCRYPT
       service_type: orchestration
+      interface: public
     database:
       idle_timeout: 3600
       connection_recycle_time: 3600
@@ -365,7 +367,7 @@ conf:
     clients_heat:
       endpoint_type: publicURL
     clients_keystone:
-      endpoint_type: internalURL
+      endpoint_type: publicURL
     oslo_messaging_notifications:
       driver: messagingv2
     oslo_middleware:
diff --git a/base-helm-configs/magnum/magnum-helm-overrides.yaml b/base-helm-configs/magnum/magnum-helm-overrides.yaml
index 95ec50f4..700cf7cc 100644
--- a/base-helm-configs/magnum/magnum-helm-overrides.yaml
+++ b/base-helm-configs/magnum/magnum-helm-overrides.yaml
@@ -75,29 +75,21 @@ conf:
       transport_url: null
     glance_client:
       api_version: 2
-      region_name: RegionOne
-      endpoint_type: internalURL
+      endpoint_type: publicURL
     nova_client:
-      region_name: RegionOne
-      endpoint_type: internalURL
+      endpoint_type: publicURL
     cinder_client:
-      region_name: RegionOne
-      endpoint_type: internalURL
+      endpoint_type: publicURL
     neutron_client:
-      region_name: RegionOne
-      endpoint_type: internalURL
+      endpoint_type: publicURL
     barbican_client:
-      endpoint_type: internalURL
-      region_name: RegionOne
+      endpoint_type: publicURL
     heat_client:
-      endpoint_type: internalURL
-      region_name: RegionOne
+      endpoint_type: publicURL
     magnum_client:
-      region_name: RegionOne
       endpoint_type: publicURL
     octavia_client:
-      region_name: RegionOne
-      endpoint_type: internalURL
+      endpoint_type: publicURL
     cluster:
       temp_cache_dir: /var/lib/magnum/certificate-cache
     oslo_messaging_notifications:
@@ -112,10 +104,12 @@ conf:
       max_retries: -1
     trust:
       cluster_user_trust: true
+      trustee_keystone_interface: public
       trustee_domain_name: magnum
     keystone_auth:
       auth_section: keystone_authtoken
     keystone_authtoken:
+      interface: public
       service_token_roles: service
       service_token_roles_required: true
       auth_type: password
diff --git a/docs/magnum-kubernetes-cluster-setup-guide.md b/docs/magnum-kubernetes-cluster-setup-guide.md
index 23139207..bc5c7345 100644
--- a/docs/magnum-kubernetes-cluster-setup-guide.md
+++ b/docs/magnum-kubernetes-cluster-setup-guide.md
@@ -64,5 +64,6 @@ openstack coe cluster create new-k8s-cluster \
           --cluster-template new-cluster-template \
           --master-count 3 \
           --node-count 4 \
-          --keypair mykey
+          --keypair mykey \
+          --labels kube_tag=v1.27.8-rancher2,container_runtime=containerd,containerd_version=1.6.28,containerd_tarball_sha256=f70736e52d61e5ad225f4fd21643b5ca1220013ab8b6c380434caeefb572da9b,cloud_provider_tag=v1.27.3,cinder_csi_plugin_tag=v1.27.3,k8s_keystone_auth_tag=v1.27.3,magnum_auto_healer_tag=v1.27.3,octavia_ingress_controller_tag=v1.27.3,calico_tag=v3.26.4
 ```