Doubts about user roles in Keystone


I have some doubts about user roles in Keystone. I think this doubt comes because I got used to tempauth and swauth roles and I couldn't map these roles to Keystone...

The doubt is this:

In tempauth and swauth there are 3 types of user roles: user, admin and reseller admin. The first has access to objects in a container limited to what the admin sets for him (container ACL permission). The admin has full control over the container in his account, and the reseller admin has full control over the accounts, containers and objects in a cluster.

In Keystone, we can create the tenant and the role ( . So if I create the role, how do I set that one role is the "admin" role? How do I set that the role I create is a role under the admin role? ("user" role)