Users

A user can be created within Zadara Cloud Services as a member of a single account. To access and use Zadara Cloud Services, a user must be assigned to at least one project within that account via one of the three Zadara Cloud Services roles and at least one Zadara Cloud Services Policy.

Note

If a user is assigned to more than one project, the role assigned for each project must be the same.

Note

  • Only Tenant Admin or Admin users can perform these actions.

  • If a user originated from an Identity Provider and not from within Zadara Cloud Services, the only user action which can be performed is the management of their permissions.

  • None of these actions can be performed on the system ‘admin’ user of the cloud_admin account.

Creating Users

To create a new user, you need to be either the Admin (system administrator) user who can add users to any account, or a Tenant Admin user who can add users  to the account of which she is in charge.

Users cannot be created from within Zadara Cloud Services in accounts which are connected to an Identity Provider service. Users created by an Identity Provider service must have a Zadara Cloud Services Role and one or more Zadara Cloud Services Policies assigned to them for a project.

  1. In the Identity & Access > Accounts view for the specific account for which you wish to create a user, go to the Users tab and click Create User. The Create User wizard is displayed in the User tab.

    image1

  2. Enter the following information (all of the information is required):

    1. Name – Enter a name. All names in an account must be unique.

    2. E-mail – Enter the user’s email address.

    3. Password – Enter a password. A valid password must satisfy the Password Rules which are currently defined as follows:

      • Be at least 8 characters long - Contain at least 1 number

      • Contain at least 1 letter

      • Contain at least 1 special character While entering the password, the Password Rules on the right will dynamically indicate when each password rule has been satisfied.

    4. Validate Password – Re-enter the password.

  3. Click Next. the Permissions tab is displayed.

    image2

    1. + Add Project- Select a project. You can select any project in the user’s account. You may also select multiple projects, one at a time.

    2. - Click to delete a project. A user must be assigned at least one project together with its Zadara Cloud Services Role and Policies.

    3. Roles- Select one of the three roles; Member, Tenant Admin or Admin. Required for the first project. Default: Member Note: It is highly recommended not to assign multiple roles for a single project.

    4. Policies- Select one or more Zadara Cloud Services Policies. Default: FullAccess. This policy grants per Zadara Cloud Services role, full access to all of the functionality granted to this role prior to v5.3.4.

  4. Click Finish to create the new user. The new user is created and is displayed in the Users tab of the specific account.

Managing Users Permissions

After creating a user to which you assigned a project with a Zadara Cloud Services role and Zadara Cloud Services policies, you can modify the user’s permissions in one of the following ways”

  • Modify the permissions assigned for the first project

  • Assign permissions for additional projects

  • Remove projects to which the user was once assigned

To manage the permissions of a user:

  1. Go to the Identity & Access > Accounts view of a specific account view and click the Users tab. The list of all of the users in the account will be displayed.

  2. Highlight the row of the user to which you wish to assign a project. A Manage Permissions button appears in the tab toolbar.

  3. Click Manage Permissions. The Manage Permissions for User: <name of selected user> dialog box is displayed. image3

  4. Do the following:

    1. + Add Project - Select the additional project that you want to assign to the user.

    2. - Click to delete a project.

    3. Roles - Select one of the three roles; Member, Tenant Admin or Admin. Default: Member Note: Do not assign multiple roles for a single project.

    4. Policies - Select one or more Zadara Cloud Services Policies. Default: FullAccess.

    5. AWS API policies - Select one or more policies. This field is optional unless you want to grant access to AWS APIs.

    6. Click Finish to save the modified permissions.

Modifying Users

After creating a user, you can modify its Name, E-mail address and Password Expiration status.

Note

Users in accounts connected to an Identity Provider service, cannot be modified from within Zadara Cloud Services.

To modify a user:

  1. Go to the Users tab on the Identity & Access > Accounts > screen for a specific account and highlight the row of the user that you want to modify. A Modify button appears in the tab toolbar.

  2. Click Modify. The Modify User dialog box is displayed.

  3. You may do any of the following:

    1. Modify the Name of the user. Remember: The name must be unique within the account. It is not case-sensitive.

    2. Modify the user’s E-mail address.

    3. Enable or disable Password Expiration.

  4. Click OK. A message confirming the updating of the user will pop-up in the upper right-hand corner of the screen.

Resetting User Passwords

Once a user is created, the password can be reset by an Admin user of any account, or a Tenant Admin user of the user’s account.

Note

  1. The password of users in accounts connected to an Identity Provider service, cannot be reset from within Zadara Cloud Services.

  2. The Tenant Admin user cannot reset the password of an Admin user

  3. Any Admin user cannot reset the password of the system admin (Account: cloud_admin, User: admin). Only the system admin herself can change her own password.

To reset a user password:

  1. Go to the Users tab on the Identity & Access > Accounts view for a specific account and highlight the row of the user whose password you want to reset. A Set Password button appears in the tab toolbar.

  2. Click Set Password. The Set Password dialog box is displayed.

  3. Do the following:

    1. Enter a Password.

      1. A valid password must satisfy the Password Rules which are currently defined as follows:

        • Be at least 8 characters long

        • Contain at least 1 number

        • Contain at least 1 letter

        • Contain at least 1 special character While entering the password, the Password Rules on the right will dynamically indicate when each password rule has been satisfied.

    2. Validate the Password by re-entering it.

  4. Click OK. A message confirming the successful resetting of the password will pop-up in the upper right-hand corner of the screen.

Deleting Users

When deleting a user, this user will no longer have access to Zadara Cloud Services. Deleting a user only removes the user from the system. It does not delete the virtual resources that this user created. Theses resources will still be accessible to all users with access to the projects for which these resources were created.

Note

  • The users in accounts connected to an Identity Provider service, cannot be deleted from within Zadara Cloud Services.

  • You cannot delete the system ‘admin’ user in the cloud_admin account.

To delete a user:

  1. Go to the Users tab on the Identity & Access  > Accounts > view for a specific account and highlight the row of the user who you wish to delete. A Delete button appears in the tab toolbar.

  2. Click Delete. The Delete User confirmation notice appears.

  3. Click OK. A message confirming the deletion of the user project will pop-up in the upper right-hand corner of the screen.