openstack
/
keystone
Code Issues Proposed changes

Merge "Add details to bootstrap docs for system role assignments"

This commit is contained in:
Zuul 2022-02-04 18:49:30 +00:00 committed by Gerrit Code Review
parent b0318a455a 876ee4b01a
commit 2961208028
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/source/admin/bootstrap.rst
View File

@ -73,10 +73,12 @@ Verbosely, keystone can be bootstrapped with:
--bootstrap-internal-url http://localhost:5000 --bootstrap-internal-url http://localhost:5000
This will create an ``admin`` user with the ``admin`` role on the ``admin`` This will create an ``admin`` user with the ``admin`` role on the ``admin``
project. The user will have the password specified in the command. Note that project and the system. This allows the user to generate project-scoped and
both the user and the project will be created in the ``default`` domain. By not system-scoped tokens which ensures they have full RBAC authorization. The user
creating an endpoint in the catalog users will need to provide endpoint will have the password specified in the command. Note that both the user and
overrides to perform additional identity operations. the project will be created in the ``default`` domain. By not creating an
endpoint in the catalog users will need to provide endpoint overrides to
perform additional identity operations.
This command will also create ``member`` and ``reader`` roles. The ``admin`` This command will also create ``member`` and ``reader`` roles. The ``admin``
role implies the ``member`` role and ``member`` role implies the ``reader`` role implies the ``member`` role and ``member`` role implies the ``reader``