[Openstack] About the Role and User's rights
Dolph Mathews
dolph.mathews at gmail.com
Fri Aug 31 07:34:25 UTC 2012
Those roles you see in keystone are merely examples, and don't have any
"meaning" by themselves. You create your own roles in keystone (e.g. $
keystone role-create) and define the associated actions specific to each
service via each service's own policy.json. For example, here's nova's
default policy.json:
https://github.com/openstack/nova/blob/master/etc/nova/policy.json
-Dolph
On Fri, Aug 31, 2012 at 2:21 AM, Jack <545997714 at qq.com> wrote:
> hi all,
> openstack uses a rights management system that employs a Role-Based
> Access Control , Roles control the actions that a user is allowed to
> perform .there are 5 roles in keystone ,there are
> admin,KeystoneAdmin,KeystoneServiceAdmin,Member,anotherrole ,but ,how
> openstack control every role's rights? how openstack lmits the actions of
> each role?
>
> Looking forward
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120831/3739676a/attachment.html>
More information about the Openstack
mailing list