Ask Your Question
1

Create private key per tenant?

asked 2015-01-21 00:05:47 -0600

gogasca gravatar image

updated 2015-01-21 00:29:45 -0600

JUNO Devstack

localrc

export OS_USERNAME=admin 
export OS_PASSWORD=password 
export OS_TENANT_NAME=admin 
export OS_AUTH_URL=http://1.1.1.1:5000/v2.0

Im using the following command:

source localrc

nova --os-tenant-name test keypair-add test > keys/test.pem

Private key is only visible to admin user, even though admin has Administrator role on test tenant. If I login with a user part of test tenant I can't see test.pem private key. This seems to be intended behavior as I can create a private key manually from Horizon and I see its only accesible per user base, not for all users which belong to same project.

Question: Can I create a shared "private" key which is accesible via Horizon to all users members of same project/tenant ?

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-01-21 16:06:58 -0600

don gravatar image

keypairs are owned by user, not by tenant. this can lead to behaviour that is hard to understand. for example, if you use Heat, and let it create a keypair... if you have a tenant w/ 2 users sharing it. the first creates a stack, the 2nd cannot destroy it (since they cannot destroy the generated keypair, and don't see it in the project interface of Horizon).

I don't think u can have shared private key without handling it out of band (e.g. email it).

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2015-01-21 00:05:47 -0600

Seen: 867 times

Last updated: Jan 21 '15

Related questions

django error devstack

Horizon console show one same for all instances

Parameter input in nested heat templates

Horizon throws unauthorized 403 error for cloud admin in domain setup

how to turn on horizon debug logging

Horizon: Networks with nova-network

The pop up django form in Horizon

Example of sorting flavors in Horizon?

WebSSO with Keystone IdP

Invalid user name or password