...
There was no need to create local accounts on the cloud framework, ephemeral users are using instead: it was created a set of mapping rules that, depending on the entitlements provided by COmanage (ownership to the COs with a precise role), associate the external users to the right group defined into openstack, and each of them can access to as particulare OpenStack project with different rights (either admin or simple user).
Demonstration workflow
add also an explanation how the mapping rules work
The research collaborations on COmanage | ||
---|---|---|
a) some research collaborations who want to access to the OpenStack services were created on a COmanage instance. In our case: | ||
aarc-white.pilots.aarc-project.eu | aarc-yellow.pilots.aarc-project.eu | aarc-blue.pilots.aarc-project.eu |
b) Each CO has got an admin who approves the membership requests and several users registered c) Each CO has got a corresponding project into OpenStack, reserved to its members |
...