Adding config for identity:list_users #628
Conversation
Co-authored-by: Jan Astalos <73936420+astalosj@users.noreply.github.com> Co-authored-by: Enol Fernandez <enol.fernandez@egi.eu>
sebastian-luna-valero
requested review from
enolfc and
CatalinCondurache
as code owners
This comment has been minimized.
This comment has been minimized.
sebastian-luna-valero
added
the
safe for preview
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
sebastian-luna-valero
requested review from
glarocca,
gwarf and
andrea-manzi
as code owners
This comment has been minimized.
This comment has been minimized.
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
Co-authored-by: Baptiste Grenier <baptiste.grenier@egi.eu>
Co-authored-by: Baptiste Grenier <baptiste.grenier@egi.eu>
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
| "identity:list_users": "(role:reader and system_scope:all) or (role:reader and domain_id:%(target.domain_id)s)" | ||
| ``` | ||
|
|
||
| ### Step 1. Change the name of the egi.eu domain |
There was a problem hiding this comment.
If we don't set the name of the domain to egi.eu then it's set to domain ID auto-generated when creating the egi.eu identity provider so the other commands with --domain egi.eu won't work (including the user list command). One possibility could be to create the egi.eu domain with correct name before creating the egi.eu identity provider and pass it as parameter to "openstack identity provider create ..." command.
There was a problem hiding this comment.
Thanks @astalosj
Would this be correct now?
https://docs.egi.eu/documentation/628/providers/cloud-compute/openstack/aai/#keystone-federation-support
Co-authored-by: Jan Astalos <73936420+astalosj@users.noreply.github.com> Co-authored-by: Enol Fernandez <enol.fernandez@egi.eu>
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
Co-authored-by: Jan Astalos <73936420+astalosj@users.noreply.github.com> Co-authored-by: Enol Fernandez <enol.fernandez@egi.eu>
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
|
The link to: https://docs.egi.eu/documentation/628/providers/cloud-compute/openstack/vo_config/ from: https://docs.egi.eu/documentation/628/providers/cloud-compute/openstack/aai/#additional-vos fails in the tests but works in the preview. I think this happened in the past but cant' remember what the solution was. |
I also suffered this in #623 and reorganised the docs, I think for this one, it's better to ignore this and get it fixed later |
Co-authored-by: Enol Fernández <enol.fernandez@egi.eu>
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
Documentation preview deployed!Available at https://docs.egi.eu/documentation/628 |
@gwarf do you think we can merge this failing? |
Yes, the same old error, we cannot do much apart reorganising this section, of patchign the link checker to get it work wiht this set up. |
Summary
Configuration to enable permissions for EGI.eu staff to execute
openstack user list.This will allow EGI.eu staff to proactively notify creators of long-running VMs and free up resources accordingly.
Many thanks @astalosj and @enolfc for your help!
Related issue :