openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #12011
Re: confuse about keystone rule
Hi,
You can name them as you want.
You have to match the users in the *-paste.ini files for each service you
want to integrate with keystone for the authentication.
Each service has a policy.json where you configure the authorization stuff.
For example in devstack nova, glance, swift users belongs to the "service"
pseudo-tenant for integration with keystone
Regards
On Mon, May 21, 2012 at 3:19 AM, William Herry <
william.herry.china@xxxxxxxxx> wrote:
> Hi,
> I am a little confuse about keystone roles, there are several role like
> admin, Member, KeystoneAdmin, KeystoneServiceAdmin, sysadmin, netadmin, I
> want to know does those name have special means, or just a name and I can
> name my role with any name I like, if they have special means, why should I
> create them manually?
>
> can some one explain to me or give me some links?
>
> Thanks
>
> --
>
> ===========================
> William Herry
>
> WilliamHerryChina@xxxxxxxxx
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>
--
-------------------------------------------
Luis Alberto Gervaso Martin
Woorea Solutions, S.L
CEO & CTO
mobile: (+34) 627983344
luis@ <luis.gervaso@xxxxxxxxx>woorea.es
References