← Back to team overview

openstack team mailing list archive

Re: confuse about keystone rule

 

Hi,

You can name them as you want.

You have to match the users in the *-paste.ini files for each service you
want to integrate with keystone for the authentication.

Each service has a policy.json where you configure the authorization stuff.

For example in devstack nova, glance, swift users belongs to the "service"
pseudo-tenant for integration with keystone

Regards

On Mon, May 21, 2012 at 3:19 AM, William Herry <
william.herry.china@xxxxxxxxx> wrote:

> Hi,
> I am a little confuse about keystone roles, there are several role like
> admin, Member, KeystoneAdmin, KeystoneServiceAdmin, sysadmin, netadmin, I
> want to know does those name have special means, or just a name and I can
> name my role with any name I like, if they have special means, why should I
> create them manually?
>
> can some one explain to me or give me some links?
>
> Thanks
>
> --
>
> ===========================
> William Herry
>
> WilliamHerryChina@xxxxxxxxx
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
-------------------------------------------
Luis Alberto Gervaso Martin
Woorea Solutions, S.L
CEO & CTO
mobile: (+34) 627983344
luis@ <luis.gervaso@xxxxxxxxx>woorea.es

References