ACLs allow us to have greater control over individual objects and containers without requiring full read/write access to a particular container.
Carry out the following steps:
We will first create an account in our OpenStack Identity Server that is only a Member in the cookbook tenant. We will call this user, user.
    export ENDPOINT=172.16.0.1
    export SERVICE_TOKEN=ADMIN
    export SERVICE_ENDPOINT=http://${ENDPOINT}:35357/v2.0

    # First get TENANT_ID related to our 'cookbook' tenant
    TENANT_ID=$(keystone tenant-list | awk ' / cookbook / {print $2}')

    # We then create the user specifying the TENANT_ID
    keystone user-create --name user --tenant_id $TENANT_ID --pass openstack --email user@localhost --enabled true

    # We get this new user's ID
    USER_ID=$(keystone user-list | awk ' / user / {print $2}')

    # We get the ID of the 'Member' role
    ROLE_ID=$(keystone role-list | awk ' / Member...
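The awk filters in the commands above match a name anywhere in a row, so a second account called "test user" would also match `/ user /` and `USER_ID` would hold two IDs. The following is an added example, not code from the original recipe: a stricter lookup that compares the name column exactly and fails when the match is missing or ambiguous. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. lookup_id, loose_id and
# sample_user_list are hypothetical names; the table is constructed output.

# Print the id of the single row whose name column equals $1 exactly.
# Exit status: 0 = one match, 1 = no match, 2 = ambiguous (several rows).
lookup_id() {
    awk -F'|' -v want="$1" '
        NF >= 4 {
            id = $2; name = $3
            gsub(/^[ \t]+|[ \t]+$/, "", id)         # trim cell padding
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            if (id == "id" && name == "name") next  # skip the header row
            if (name == want) { found++; last = id }
        }
        END {
            if (found == 1) { print last; exit 0 }
            exit (found ? 2 : 1)
        }'
}

# The substring-style filter used in the recipe, kept for comparison.
loose_id() { awk -v pat=" $1 " '$0 ~ pat {print $2}'; }

# Constructed sample in the layout of a keystone user listing.
sample_user_list() {
cat <<'EOF'
+------+-----------+---------+----------------+
|  id  |    name   | enabled |     email      |
+------+-----------+---------+----------------+
| 1a2b | admin     | True    | root@localhost |
| 3c4d | user      | True    | user@localhost |
| 5e6f | test user | True    | test@localhost |
+------+-----------+---------+----------------+
EOF
}

# Stop before any role grant if the ID is not unique.
USER_ID=$(sample_user_list | lookup_id user) || exit 1
echo "USER_ID=$USER_ID"
```

In a real run, pipe `keystone user-list` (or `tenant-list`, `role-list`) into `lookup_id` in place of the sample function.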