Red Hat Training

A Red Hat training course is available for Red Hat OpenStack Platform

3.7. Create a Regular User Account

Create a regular tenant and user.
All steps in this procedure must be performed on the system hosting the Identity service, while logged in as a user that has access to a file containing the administration token.

Procedure 3.11. Creating a Regular User Account

  1. Set up the shell to access keystone as the administrative user:
    # source ~/keystonerc_admin
  2. Create a tenant:
    [(keystone_admin)]# keystone tenant-create --name TENANT
    +-------------+----------------------------------+
    |   Property  |              Value               |
    +-------------+----------------------------------+
    | description |                                  |
    |   enabled   |              True                |
    |      id     | 6f8e3e36c4194b86b9a9b55d4b722af3 |
    |     name    |             TENANT               |
    +-------------+----------------------------------+
    Replace TENANT with a name for the tenant.
  3. Create a regular user:
    [(keystone_admin)]# keystone user-create --name USER --tenant TENANT --pass PASSWORD
    +----------+-----------------------------------+
    | Property |              Value                |
    +----------+-----------------------------------+
    |  email   |                                   |
    | enabled  |              True                 |
    |    id    | b8275d7494dd4c9cb3f69967a11f9765  |
    |   name   |              USER                 |
    | tenantId | 6f8e3e36c4194b86b9a9b55d4b722af3  |
    | username |              USER                 |
    +----------+-----------------------------------+
    Replace USER with a user name for the account. Replace TENANT with the tenant name that you used in the previous step. Replace PASSWORD with a secure password for the account.

    Note

    The user is associated with Identity's default _member_ role automatically thanks to the --tenant option.
  4. To facilitate authentication, create a keystonerc_user file in a secure location (for example, the home directory of the root user).
    Set the following environment variables to be used for authentication:
    export OS_USERNAME=USER
    export OS_TENANT_NAME=TENANT
    export OS_PASSWORD=PASSWORD
    export OS_AUTH_URL=http://IP:5000/v2.0/
    export PS1='[\u@\h \W(keystone_user)]\$ '
    Replace USER, TENANT, and PASSWORD with the values specified during tenant and user creation. Replace IP with the IP address or host name of the Identity server.