"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "doc/source/admin/bootstrap.rst" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

bootstrap.rst  (keystone-16.0.1):bootstrap.rst  (keystone-17.0.0)
skipping to change at line 83 skipping to change at line 83
--bootstrap-internal-url http://localhost:5000 --bootstrap-internal-url http://localhost:5000
This will create an ``admin`` user with the ``admin`` role on the ``admin`` This will create an ``admin`` user with the ``admin`` role on the ``admin``
project. The user will have the password specified in the command. Note that project. The user will have the password specified in the command. Note that
both the user and the project will be created in the ``default`` domain. By not both the user and the project will be created in the ``default`` domain. By not
creating an endpoint in the catalog users will need to provide endpoint creating an endpoint in the catalog users will need to provide endpoint
overrides to perform additional identity operations. overrides to perform additional identity operations.
This command will also create ``member`` and ``reader`` roles. The ``admin`` This command will also create ``member`` and ``reader`` roles. The ``admin``
role implies the ``member`` role and ``member`` role implies the ``reader`` role implies the ``member`` role and ``member`` role implies the ``reader``
role. role. By default, these three roles are immutable, meaning they are created with
the ``immutable`` resource option and cannot be modified or deleted unless the
option is removed. To disable this behavior, add the ``--no-immutable-roles``
flag.
By creating an ``admin`` user and an identity endpoint you may By creating an ``admin`` user and an identity endpoint you may
authenticate to keystone and perform identity operations like creating authenticate to keystone and perform identity operations like creating
additional services and endpoints using the ``admin`` user. This will preclude additional services and endpoints using the ``admin`` user. This will preclude
the need to ever use or configure the ``admin_token`` (described below). It is the need to ever use or configure the ``admin_token`` (described below). It is
also, by design, more secure. also, by design, more secure.
To test a proper configuration, a user can use OpenStackClient CLI: To test a proper configuration, a user can use OpenStackClient CLI:
.. code-block:: bash .. code-block:: bash
 End of changes. 1 change blocks. 
1 lines changed or deleted 4 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)