Versions Compared

Old Version 3

changes.mady.by.user Andrea Rendina

Saved on

compared with

New Version 4

changes.mady.by.user Andrea Rendina

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In this regard, a voms-importer script has been developed at CNAF: https://github.com/indigo-iam/voms-importer.

...

Code Block
docker run -it --entrypoint /bin/bash indigoiam/voms-importer
sudo su
cat >/etc/yum.repos.d/egi.repo <<EOF
[EGI-trustanchors]
name=EGI-trustanchors
baseurl=https://repository.egi.eu/sw/production/cas/1/current/
gpgkey=https://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3
gpgcheck=1
EOF

yum install ca-policy-egi-core -y
cp /etc/grid-security/certificates/*.pem /etc/pki/ca-trust/source/anchors/
update-ca-trust
exit

oidc-gen -w device <client-name>
export IAM_ENDPOINT=<iam-URL>
export OIDC_AGENT_ALIAS=<client-name>
export OIDC_AGENT_SECRET=***
export REQUESTS_CA_BUNDLE=/etc/pki/tls/cert.pem
init-credentials.sh
vomsimporter --vo <vo-name> --voms-host <voms-server-host> --voms-port <voms-server-port> --iam-host <iam-hostname>

When a user has been imported from a VOMS server to IAM, the new username inside IAM will be the juxtaposition of the "user." string and the number id of the user inside the VOMS server.
A valid example could be "user.44".