Launchpad Entry: auth-manager-api
Created: 2010-10-28
Contributors: Soren Hansen
Summary
Expose a user management API.
Release Note
OpenStack now exposes a user management API. This enables people deploying OpenStack to create custom interfaces to manage users.
Rationale
There's no reason why nova-manage should be the only way to admin users, and there's certainly no reason why people wanting to do this should talk directly to the DB or to LDAP.
User stories
Andrew wants to deploy OpenStack as a public cloud service. His company already has a web portal, and they want to be able to hook into OpenStack's user db.
Implementation
Through the EC2 API, these API calls will be exposed:
CreateUser
DescribeUsers
DestroyUser
CreateUser
CreateUser takes a single argument:
Name |
Name of the user |
AccessKey |
User's access key (optional) |
SecretKey |
User's secret key (optional) |
Admin |
Whether the user should be an admin (optional) |
If succesful, the API call will return:
Name |
Name of the user |
AccessKey |
User's access key |
SecretKey |
User's secret key |
Admin |
Whether the user is an admin (optional) |
DescribeUser
DescribeUsers takes the following arguments:
Name |
Name of the user (optional) |
AccessKey |
User's access key (optional) |
Both are optional. If none are given, a complete list of users is returned. If either (or both) are given, the user (if any) matching the criteria is returned.
Returns a list of these:
Name |
Name of the user |
AccessKey |
User's access key |
SecretKey |
User's secret key |
Admin |
Whether the user is an admin (optional) |
DestroyUser
DestroyUser takes a single argument:
Name |
Name of the user |
OpenStack API
We need to expose the same functionality through the OpenStack API
TBD
Test/Demo Plan
This need not be added or completed until the specification is nearing beta.