Need Help to Create Swift user roles?

asked 2014-11-14 11:35:04 -0500

ebyenjoys gravatar image


I have a working swift cluster with keystone version 2.

I do have a few doubts regarding the swift users.

When I create a new user with the admin role, which was meant for swift,then that same user can also be able to do all keystone operations, such as listing all users and tenants etc. Swift operations are working fine as expected. I haven't specified such admin user inside proxy-server.conf,but still I am able to perform all the operations.

On the same time when I create a user with swiftoperator role, then the I am able to use it only for swift operations and restricted keystone operations.

Kindly en light me how to create a dedicated admin only for swift with restricted Keystone operations. Should I need to specify the admin user exclusively inside proxy-server.conf ?

I also need to know whether there is a reseller admin role under keystone. I have used the reseller admin with tempauth. Kindly help me to enable that too.

edit retag flag offensive close merge delete