diff --git a/files/keystone.conf b/files/keystone.conf index 11b9f5f..85a64a8 100644 --- a/files/keystone.conf +++ b/files/keystone.conf @@ -39,11 +39,10 @@ admin_host = 0.0.0.0 admin_port = 5001 #Role that allows to perform admin operations. -keystone-admin-role = Admin +keystone-admin-role = KeystoneAdmin #Role that allows to perform service admin operations. -# FIXME: need to separate this into a different role like KeystoneServiceAdmin -keystone-service-admin-role = Admin +keystone-service-admin-role = KeystoneServiceAdmin [keystone.backends.sqlalchemy] # SQLAlchemy connection string for the reference implementation registry diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 47b7502..b0ce684 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -5,13 +5,19 @@ $BIN_DIR/keystone-manage $* tenant add admin $BIN_DIR/keystone-manage $* tenant add demo # Users -$BIN_DIR/keystone-manage $* user add admin secrete 1 -$BIN_DIR/keystone-manage $* user add demo secrete 2 +$BIN_DIR/keystone-manage $* user add admin secrete +$BIN_DIR/keystone-manage $* user add demo secrete # Roles $BIN_DIR/keystone-manage $* role add Admin $BIN_DIR/keystone-manage $* role add Member +$BIN_DIR/keystone-manage $* role add KeystoneAdmin +$BIN_DIR/keystone-manage $* role add KeystoneServiceAdmin +$BIN_DIR/keystone-manage $* role grant Admin admin 1 +$BIN_DIR/keystone-manage $* role grant Member demo 2 $BIN_DIR/keystone-manage $* role grant Admin admin +$BIN_DIR/keystone-manage $* role grant KeystoneAdmin admin +$BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin # Services $BIN_DIR/keystone-manage $* service add nova_compat nova_compat nova_compat @@ -26,7 +32,6 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 3 http://%HOST_IP%:9 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 4 http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 - # Tokens $BIN_DIR/keystone-manage $* token add 999888777666 1 1 2015-02-05T00:00 @@ -46,3 +51,4 @@ $BIN_DIR/keystone-manage $* endpoint add 2 5 $BIN_DIR/keystone-manage $* endpoint add 2 6 $BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" +$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials"