Ask Your Question

what are the defaults roles in openstack and how to understand what a role can do

asked 2018-12-28 02:41:40 -0500

esxzawq gravatar image

how many default roles we have in openstack ?

I know there are admin and reader roles

and what about the roles we create them.

openstack role create myrole

how much power does this role have !!!!

how to specify the power of the role , like what we have in linux (Read,Write,Execute)

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2018-12-28 03:16:42 -0500

updated 2018-12-28 03:18:35 -0500

admin - The admin role is global, not per project, so granting a user the admin role in any project gives the user administrative rights across the whole environment. Member and reader roles are the default roles in openstack

You can define actions for OpenStack service roles in the /etc/PROJECT/policy.json files. For example, define actions for Keystone service roles in the /etc/keystone/policy.json file.

image description

You can manage projects, users, and roles independently from each other.

for all projects in OpenStack, you can define the policies by using the above-mentioned method

edit flag offensive delete link more

answered 2018-12-28 03:09:35 -0500

updated 2018-12-28 03:10:54 -0500

You use policies to determine what a role can do. Policies used to be defined in configuration files named policy.json, but Keystone, Nova and Cinder now have hard-coded default policies.

Default roles are reader, admin and member.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2018-12-28 02:41:40 -0500

Seen: 997 times

Last updated: Dec 28 '18