© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
2eb648a
demo site
(Get the code!)
The issue was the roles granted to the admin user by the charm. The 'admin' user should be granted the 'Admin' role against the 'admin_domain' but for some reason the 'admin' user only had the 'Member' role against the 'admin_domain'.
Querying the keystone database directly shows how the grants should look:
select a.type, c.name, d.name
from assignment a, local_user b, role c, project d
where a.actor_id = b.user_id
and b.name = 'admin'
and c.id = a.role_id
and d.id = a.target_id;
+------
| type | name | name |
+------
| UserProject | Admin | admin |
| UserProject | Member | admin |
| UserDomain | Admin | admin_domain |
+------
However in the case of the deployment gmason was having issues I think the query would have shown:
+------
| type | name | name |
+------
| UserProject | Admin | admin |
| UserProject | Member | admin |
| UserDomain | Member | admin_domain |
+------