A role is a personality that a user assumes to perform a specific set of operations. A role includes a set of rights and privileges. A user assuming that role inherits those rights and privileges. OpenStack Identity service defines a user's role on a project but it is completely up to the individual service to define what that role means. This is referred to as the service's policy. To get details about what the privileges for each role are, refer to the policy.json file available for each service in the /etc/SERVICE/policy.json file. For example, the policy defined for OpenStack Identity service is defined in the /etc/keystone/policy.json file.

Log in to the dashboard and choose the admin project from the CURRENT PROJECT drop-down list. On the Admin tab, click the Roles category. Click the Create Role button. In the Create Role window, enter a name for the role. Click the Create Role button to confirm your changes.

Log in to the dashboard and choose the admin project from the CURRENT PROJECT drop-down list. On the Admin tab, click the Roles category. Click the Edit button. In the Update Role window, enter a new name for the role. Click the Update Role button to confirm your changes. Using the dashboard, you can edit only the name assigned to a role.

Log in to the dashboard and choose the admin project from the CURRENT PROJECT drop-down list. On the Admin tab, click the Roles category. Select the role you want to delete and click the Delete Roles button.