Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Image RemovedImage Added


1- What is the difference between those roles:   "_member_" admin, ResellerAdmin and heat_stack_user

2- Where can we create those roles?


A role is a personality that a user assumes to perform a specific set of operations. ( like an Admin or Reseller or just _member )

A role includes a set of rights and privileges. ( ???? and how to find out  )

A user assumes that role inherits those rights and privileges.



https://docs.openstack.org/admin-guide/cli-manage-projects-users-and-roles.html


OS documentation and look for "role"

https://docs.openstack.org/admin-guide/index.html


Authorization Model in OpenStack (keystone API V2.0)

https://prosuncsedu.wordpress.com/2014/02/13/authorization-model-in-openstack/




root@super4:~# openstack role list
+----------------------------------+-----------------+
| ID | Name |
+----------------------------------+-----------------+
| 03be779481894d9196cb94ec77c17234 | admin |
| 0d7d26cab3914c01b3696d0fcf3426e3 | ResellerAdmin |
| 47f70b9bacd74ce6885c9dd9efa3b9da | heat_stack_user |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
+----------------------------------+-----------------+


root@super4:~# keystoneopenstack role-list
The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python-keystoneclient. 'python-keystoneclient.', DeprecationWarning)show admin
+-----------+-----------------------+-----------------+
| idField | nameValue |
+-------------+---------------------+-----------------+
| 0d7d26cab3914c01b3696d0fcf3426e3domain_id | ResellerAdminNone |
| 9fe2ff9ee4384b1894a90878d3e92babid | _member_03be779481894d9196cb94ec77c17234 |
| 03be779481894d9196cb94ec77c17234name | admin |
| 47f70b9bacd74ce6885c9dd9efa3b9da | heat_stack_user |
+-----------+-----------------------+-----------+

root@super4:~# keystone role-list
The keystone CLI is deprecated in favor of python-openstackclient. For a Python library, continue using python----+keystoneclient. 'python-keystoneclient.', DeprecationWarning)

root@super4:~# openstack project list
+----------------------------------+---------------+
| ID | Name |
+----------------------------------+---------------+
| 485ff8c057ae4a53b914da69296457a4 | Demos |
| 50d2ba6cb2a14d9891f78e24cf15d7de | jlk1_project1 |
| 60852c1ffbf64f6d9ce86d8d5de57b92 | jlk1_project2 |
| ca67040c9d844f34ad9b9e4201efec32 | admin |
| f932845d91b946a798067894ed85e854 | services |
+----------------------------------+---------------+

...