Full access and rights management for your infrastructure
Interactions with an infrastructure’s cloud resources come from a number of different sources. Whether these sources of interaction are human beings or behaviour automation tools in your application’s lifecycle, they require roles to be precisely delegated, so that the scope of action for each access is properly defined and the infrastructure’s overall security stays under control. By creating OpenStack users, you can manage their roles and define the actions they can perform on your infrastructure.
The ability to easily disable an access whenever required is a basic security principle. Creating a separate access for each usage means you can disable any of them, at any time.
Define access based on roles
Each access to the OpenStack API is defined by a user/password, which are linked to one or more roles. These define the scope of access to the cloud resources managed by OpenStack. Examples of roles include: Administrator, Network Operator, Infrastructure Supervisor, ObjectStore Operator.
Create a user
You can create one user per usage
Define a role for them
Each role includes several rights/actions
Adjust them as needed
Roles can be updated at any time
An unlimited number of users
As there is no limit to the number of permitted OpenStack users, you can create as many users as your business needs require.
Group several roles together
Each access can include several roles. For example, a user who needs to create and test private images can have both the Image Operator and Computer Operator roles.
Generate access files
Using the OVHcloud Control Panel, you can directly generate a configuration file for several tools, such as the OpenStack CLI or Rclone.