Identity, Authentication, and Access Management in OpenStack: Implementing and Deploying Keystone(Paperback)

Steve Martinelli, Henry Nash, Brad Topol



Keystone—OpenStack's Identity service—provides secure controlled access to a cloud’s resources. In OpenStack environments, Keystone performs many vital functions, such as authenticating users and determining what resources users are authorized to access.

Whether the cloud is private, public, or dedicated, access to cloud resources and security is essential. This practical guide to using Keystone provides detailed, step-by-step guidance to creating a secure cloud environment at the Infrastructure-as-a-Service layer—as well as key practices for safeguarding your cloud's ongoing security.

  • Learn about Keystone's fundamental capabilities for providing Identity, Authentication, and Access Management
  • Perform basic Keystone operations, using concrete examples and the latest version (v3) of Keystone's Identity API
  • Understand Keystone's unique support for multiple token formats, including how it has evolved over time
  • Get an in-depth explanation of Keystone's LDAP support and how to configure Keystone to integrate with LDAP
  • Learn about one of Keystone's most sought-after features—support for federated identity