Keystone integration

Keystone is an OpenStack identity service that supports token-based authorization. Keystone generates authentication tokens with a predetermined expiration timer that are used to identify users attempting to store and manage containers and objects.

An HCP system can be configured to integrate with Keystone. With the system configured this way, you can use Keystone to authenticate and authorize users and their incoming storage management requests.

This manual assumes that you have a basic understanding of Keystone functionality and that Keystone is already installed on your computer. It also assumes that if you have the administrator role on HCP and have access to the HCP System Management Console.

This chapter covers the following:

Selecting a Keystone Identity Service URL

Creating a Service User's Username and Password

Granting Keystone Service user the admin role

Choosing the Keystone Tenant ID Prefix

Enabling and configuring Keystone on the HCP System Management Console

Enabling the HSwift service on Keystone

Creating an HCP tenant

Creating an Keystone HCP tenant and user

For information on alternative methods of authentication, see Alternate authentication methods.

Trademarks and Legal Disclaimer

© 2017 Hitachi Data Systems Corporation. All rights reserved.