Keystone provides the mechanism for configuring role based access control (RBAC) thoughout the OpenStack deployment. New mechanisms in recent releases have greatly improved the ability to tune the access control approach for your deployment. This presentation will walk though the configuration of RBAC in your deployment. To start, we'll investigate the defaults that ship with upstream Keystone. We'll cover a brief overview of requests that have driven the design over the past couple releases. Finally, we'll see customizations making use of the limitation of admin-scoping, role inference rules and domain specific roles that you can use to tailor your deployment to suit your organization.
All about Keystone's RBAC, from defaults to advanced customizations. How to create cloud, domain and project admin capabilities and delegate responsibility appropriately.