Red Hat Training
A Red Hat training course is available for Red Hat OpenStack Platform
3.7. Create a Regular User Account
Create a regular tenant and user.
All steps in this procedure must be performed on the system hosting the Identity service, while logged in as a user that has access to a file containing the administration token.
Procedure 3.11. Creating a Regular User Account
- Set up the shell to access keystone as the administrative user:
#
source ~/keystonerc_admin
- Create a tenant:
[(keystone_admin)]#
keystone tenant-create --name TENANT
+-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | | | enabled | True | | id | 6f8e3e36c4194b86b9a9b55d4b722af3 | | name | TENANT | +-------------+----------------------------------+Replace TENANT with a name for the tenant. - Create a regular user:
[(keystone_admin)]#
keystone user-create --name USER --tenant TENANT --pass PASSWORD
+----------+-----------------------------------+ | Property | Value | +----------+-----------------------------------+ | email | | | enabled | True | | id | b8275d7494dd4c9cb3f69967a11f9765 | | name | USER | | tenantId | 6f8e3e36c4194b86b9a9b55d4b722af3 | | username | USER | +----------+-----------------------------------+Replace USER with a user name for the account. Replace TENANT with the tenant name that you used in the previous step. Replace PASSWORD with a secure password for the account.Note
The user is associated with Identity's default_member_
role automatically thanks to the--tenant
option. - To facilitate authentication, create a
keystonerc_user
file in a secure location (for example, the home directory of theroot
user).Set the following environment variables to be used for authentication:export OS_USERNAME=USER export OS_TENANT_NAME=TENANT export OS_PASSWORD=PASSWORD export OS_AUTH_URL=http://IP:5000/v2.0/ export PS1='[\u@\h \W(keystone_user)]\$ '
Replace USER, TENANT, and PASSWORD with the values specified during tenant and user creation. Replace IP with the IP address or host name of the Identity server.