April 25-29, 2016

Event Details

Please note: All times listed below are in Central Time Zone

Advances in Keystone's Role Based Access Control

Keystone provides the mechanism for configuring role based access control (RBAC) thoughout the OpenStack deployment.  New mechanisms in recent releases have greatly improved the ability to tune the access control approach for your deployment.  This presentation will walk though the configuration of RBAC in your deployment.  To start, we'll investigate the defaults that ship with upstream Keystone.  We'll cover a brief overview of requests that have driven the design over the past couple releases.  Finally, we'll see customizations making use of the limitation of admin-scoping, role inference rules and domain specific roles that you can use to tailor your deployment to suit your organization.

What can I expect to learn?

All about Keystone's RBAC, from defaults to advanced customizations. How to create cloud, domain and project admin capabilities and delegate responsibility appropriately.

Tuesday, April 26, 3:40pm-4:20pm (8:40pm - 9:20pm UTC)
Difficulty Level: Intermediate
Red Hat
Adam Young is a Cloud Solutions Architect at Red Hat, responsible for helping people develope their cloud strategies. He has been a long time core developer on Keystone, the authentication and authorization service for OpenStack. Adam has worked on various systems management tools, including the Identity Management component of Red Hat Enterprise Linux based on the FreeIPA technology. A 20 year... FULL PROFILE
Henry works in IBM's Cloud division as an OpenStack Architect and a core contributor to OpenStack Keystone, driving enterprise capabilities into OpenStack as well as IBM's products that use OpenStack. He has a long history in the creation of enterprise software, having founded a number of successful companies in Europe and the USA, coming to IBM via acquisition in 2009. He holds a 1st class... FULL PROFILE