taikun.cloud

Taikun OCP Guide

Table of Contents

Create and manage roles

A role is a personality that a user assumes to perform a specific set
of operations. A role includes a set of rights and privileges. A user
assumes that role inherits those rights and privileges.

Note

OpenStack Identity service defines a user’s role on a project, but it
is completely up to the individual service to define what that role
means. This is referred to as the service’s policy. To get details about
what the privileges for each role are, refer to the
policy.json file available for each service in the
/etc/SERVICE/policy.json file. For example, the policy
defined for OpenStack Identity service is defined in the
/etc/keystone/policy.json file.

Create a role

  1. Log in to the dashboard and select the admin project from the
    drop-down list.

  2. On the Identity tab, click the Roles category.

  3. Click the Create Role button.

    In the Create Role window, enter a name for the
    role.

  4. Click the Create Role button to confirm your
    changes.

Edit a role

  1. Log in to the dashboard and select the Identity project from
    the drop-down list.

  2. On the Identity tab, click the Roles category.

  3. Click the Edit button.

    In the Update Role window, enter a new name for the
    role.

  4. Click the Update Role button to confirm your
    changes.

Note

Using the dashboard, you can edit only the name assigned to a
role.

Delete a role

  1. Log in to the dashboard and select the Identity project from
    the drop-down list.

  2. On the Identity tab, click the Roles category.

  3. Select the role you want to delete and click the Delete
    Roles
    button.

  4. In the Confirm Delete Roles window, click Delete
    Roles
    to confirm the deletion.

    You cannot undo this action.