Home > openstack > Openstack ‘keystone’ user & role management Commands

Openstack ‘keystone’ user & role management Commands

Most of the the user and role management commands in openstack keystone have to the run as admin user which is specified by the optionn ‘–os-username’ with value ‘admin’ (value can differ according to roles a user assigned to). Here are some handy keystone commands that you may (or need to) encounter while working with openstack ‘keystone’.

#list all tenants in the system:
keystone --os-username admin tenant-list

#List all the users in the system:
keystone --os-username admin user-list

#List all the roles in the system:
keystone --os-username admin role-list

#List all the roles an user (demo) is enrolled to:
keystone --os-username admin user-role-list --user demo (by username)
keystone --os-username admin user-role-list --user-id 5c0ed08c27e94594ba2110462c29d085 (by userid)

#create a new user :
keystone --os-username admin user-create --name sysadmin --pass sysadmin

#Create a new Role:
keystone --os-username demo role-create --name admin_role

#Add a role to a user (add 'admin_role' to 'sysadmin' user):
keystone --os-username admin user-role-add --user sysadmin --role admin_role --tenant demo

#Verify role added correctly:
keystone --os-username admin user-role-list --user sysadmin

#update password of a user:
keystone --os-username admin user-password-update --pass prosun prosun

Now, if you wonder how to correctly specify option for a keystone commands use “keystone help ” to see the details(ex. which option which command expects). For example, hit “keystone help role-create” to know details about role creation.

Categories: openstack Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: