keystone

keystone

Synopsis

Manage OpenStack Identity (keystone) users, projects, roles, and endpoints.

Examples

# Create an admin project
- keystone:
    command: "ensure_project"
    project_name: "admin"
    domain_name: "Default"
    description: "Admin project"

# Create a service project
- keystone:
    command: "ensure_project"
    project_name: "service"
    description: "Service project"

# Create an admin user
- keystone:
    command: "ensure_user"
    user_name: "admin"
    project_name: "admin"
    password: "secrete"
    email: "admin@some-domain.com"

# Create an admin role
- keystone:
    command: "ensure_role"
    role_name: "admin"

# Create a user
- keystone:
    command: "ensure_user"
    user_name: "glance"
    project_name: "service"
    password: "secrete"
    domain_name: "Default"
    email: "glance@some-domain.com"

# Add a role to a user
- keystone:
    command: "ensure_user_role"
    user_name: "glance"
    project_name: "service"
    role_name: "admin"

# Add a project role to a group
- keystone:
    command: "ensure_group_role"
    group_name: "fedgroup"
    project_name: "fedproject"
    role_name: "_member_"

# Create a service
- keystone:
    command: "ensure_service"
    service_name: "glance"
    service_type: "image"
    description: "Glance Image Service"

# Create an endpoint
- keystone:
    command: "ensure_endpoint"
    region_name: "RegionOne"
    service_name: "glance"
    service_type: "image"
    endpoint_list:
      - url: "http://127.0.0.1:9292"
        interface: "public"
      - url: "http://127.0.0.1:9292"
        interface: "admin"
      - url: "http://127.0.0.1:9292"
        interface: "internal"

# Get project id
- keystone:
    command: "get_project"
    project_name: "admin"

# Get user id
- keystone:
    command: "get_user"
    user_name: "admin"

# Get role id
- keystone:
    command: "get_role"
    user_name: "admin"
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.