forked from docs/doc-exports
Wei, Hongmin
04bff7c7a8
Reviewed-by: Kabai, Zoltán Gábor <zoltan-gabor.kabai@t-systems.com> Co-authored-by: Wei, Hongmin <weihongmin1@huawei.com> Co-committed-by: Wei, Hongmin <weihongmin1@huawei.com>
115 lines
12 KiB
HTML
115 lines
12 KiB
HTML
<a name="iam_01_0031"></a><a name="iam_01_0031"></a>
|
||
|
||
<h1 class="topictitle1">Creating a User and Adding the User to a User Group</h1>
|
||
<div id="body8662426"><p id="iam_01_0031__p280065192919">As a security administrator, you can create a user and add the user to a user group. The user automatically inherits the permissions of the user group.</p>
|
||
<div class="section" id="iam_01_0031__s48a5715917aa42a2ab7d938695881936"><h4 class="sectiontitle">Procedure</h4><ol id="iam_01_0031__en-us_topic_0046611303_ol47528147"><li id="iam_01_0031__li24111249193037"><span>Choose <span class="menucascade" id="iam_01_0031__menucascade157465065015936"><b><span class="uicontrol" id="iam_01_0031__uicontrol28297739115936">Management & Deployment</span></b> > <b><span class="uicontrol" id="iam_01_0031__uicontrol34212982515942">Identity and Access Management</span></b></span>.</span></li><li id="iam_01_0031__li16500132221014"><span>In the navigation pane, choose <strong id="iam_01_0031__b782152911364">Users</strong>. Then click <strong id="iam_01_0031__b15822112914364">Create User</strong>.</span></li><li id="iam_01_0031__li71951912117"><span>Specify the user information on the <strong id="iam_01_0031__b2730231143613">Create User</strong> page.</span><p>
|
||
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_01_0031__table2085713152213" frame="border" border="1" rules="all"><thead align="left"><tr id="iam_01_0031__row1585971132215"><th align="left" class="cellrowborder" valign="top" width="7.870000000000001%" id="mcps1.3.2.2.3.2.1.1.3.1.1"><p id="iam_01_0031__p49241120132516">Parameter</p>
|
||
</th>
|
||
<th align="left" class="cellrowborder" valign="top" width="92.13%" id="mcps1.3.2.2.3.2.1.1.3.1.2"><p id="iam_01_0031__p1490342011259">Description</p>
|
||
</th>
|
||
</tr>
|
||
</thead>
|
||
<tbody><tr id="iam_01_0031__row148161516192520"><td class="cellrowborder" valign="top" width="7.870000000000001%" headers="mcps1.3.2.2.3.2.1.1.3.1.1 "><p id="iam_01_0031__p1185913111223"><span class="keyword" id="iam_01_0031__keyword213993803614">Username</span></p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="92.13%" headers="mcps1.3.2.2.3.2.1.1.3.1.2 "><p id="iam_01_0031__p2085913117229">Username that will be used to log in to the cloud platform. This field is required.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row138598110225"><td class="cellrowborder" valign="top" width="7.870000000000001%" headers="mcps1.3.2.2.3.2.1.1.3.1.1 "><p id="iam_01_0031__p1185911132218">Email Address</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="92.13%" headers="mcps1.3.2.2.3.2.1.1.3.1.2 "><p id="iam_01_0031__p1085915132215">Email address of the user that can be used as a login credential. Users can bind an email address after they are created. This field is required if you have specified <strong id="iam_01_0031__b323819242373">Set by user</strong> as the access type.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row58605162217"><td class="cellrowborder" valign="top" width="7.870000000000001%" headers="mcps1.3.2.2.3.2.1.1.3.1.1 "><p id="iam_01_0031__p178600116224">Mobile Number</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="92.13%" headers="mcps1.3.2.2.3.2.1.1.3.1.2 "><p id="iam_01_0031__p386020114221">Mobile phone number of the user that can be used as a login credential. Users can bind a mobile number after they are created. This field is optional.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row7386153642217"><td class="cellrowborder" valign="top" width="7.870000000000001%" headers="mcps1.3.2.2.3.2.1.1.3.1.1 "><p id="iam_01_0031__p63874367227">Description</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="92.13%" headers="mcps1.3.2.2.3.2.1.1.3.1.2 "><p id="iam_01_0031__p17387193652218">Additional information about the user. This field is optional.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row4366632127"><td class="cellrowborder" valign="top" width="7.870000000000001%" headers="mcps1.3.2.2.3.2.1.1.3.1.1 "><p id="iam_01_0031__p134221241605">External Identity ID</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="92.13%" headers="mcps1.3.2.2.3.2.1.1.3.1.2 "><p id="iam_01_0031__p5304118115910">Identity of an enterprise user in IAM user SSO.</p>
|
||
<p id="iam_01_0031__p6241633122718">This parameter (no more than 128 characters) is mandatory for IAM user SSO. For details, see <a href="iam_08_0253.html">IAM User SSO via SAML</a></p>
|
||
</td>
|
||
</tr>
|
||
</tbody>
|
||
</table>
|
||
</div>
|
||
</p></li><li id="iam_01_0031__li199522021572"><span>Select an access type and click <strong id="iam_01_0031__b126611102383">Next</strong>.</span><p>
|
||
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_01_0031__table1777851811233" frame="border" border="1" rules="all"><thead align="left"><tr id="iam_01_0031__row8779161802313"><th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.2.4.2.1.1.5.1.1"><p id="iam_01_0031__p9262183452512">Access Type</p>
|
||
</th>
|
||
<th align="left" class="cellrowborder" colspan="2" valign="top" id="mcps1.3.2.2.4.2.1.1.5.1.2"><p id="iam_01_0031__p11261134192512">Configuration</p>
|
||
</th>
|
||
<th align="left" class="cellrowborder" valign="top" id="mcps1.3.2.2.4.2.1.1.5.1.3"><p id="iam_01_0031__p8233173420253">Description</p>
|
||
</th>
|
||
</tr>
|
||
</thead>
|
||
<tbody><tr id="iam_01_0031__row177991813236"><td class="cellrowborder" valign="top" width="16.03839616038396%" headers="mcps1.3.2.2.4.2.1.1.5.1.1 "><p id="iam_01_0031__p14779141832318">Programmatic access</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="11.848815118488151%" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p7779181822310">--</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="12.248775122487752%" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p15779121852314">--</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="59.86401359864014%" headers="mcps1.3.2.2.4.2.1.1.5.1.3 "><p id="iam_01_0031__p6812103102416">If you select this option, after the user is created, you can download the access key (AK/SK) generated for the user. The user can use the access key to access the cloud platform through APIs. Each user can have a maximum of two access keys.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row952694019209"><td class="cellrowborder" rowspan="5" valign="top" width="16.03839616038396%" headers="mcps1.3.2.2.4.2.1.1.5.1.1 "><p id="iam_01_0031__p043251517216">Management console access</p>
|
||
<p id="iam_01_0031__p195081327132112"></p>
|
||
</td>
|
||
<td class="cellrowborder" rowspan="3" valign="top" width="11.848815118488151%" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p159041850172111">Console Password</p>
|
||
<p id="iam_01_0031__p17904350162118"></p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="12.248775122487752%" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p235110595212">Set by user</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" width="59.86401359864014%" headers="mcps1.3.2.2.4.2.1.1.5.1.3 "><p id="iam_01_0031__p235165913218">If you are the administrator setting the password for the user, select this option and enter an email address and a mobile number. The user can set a password by clicking on the one-time login URL sent over email.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row1088319122116"><td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.1 "><p id="iam_01_0031__p18351135914212">Automatically generated</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p20351105922118">This option is available only when you create a single user.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row12985998218"><td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.1 "><p id="iam_01_0031__p153512593212">Set now</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p143511559112117">Select this option if you are the user. Then, set a password for login.</p>
|
||
<div class="note" id="iam_01_0031__note141801323115819"><span class="notetitle"> NOTE: </span><div class="notebody"><div class="p" id="iam_01_0031__p171061824165819">The password must meet the following requirements:<ul id="iam_01_0031__ul11061624195819"><li id="iam_01_0031__li13106124155816">Must contain 6 to 32 characters.</li><li id="iam_01_0031__li18275121519367">Must contain at least two types of the following: uppercase letters, lowercase letters, digits, and special characters (~`!?,.:;-_'"(){}[]/<>@#$%^&*+|\= and spaces).</li><li id="iam_01_0031__li11106152475820">Cannot be the username or the username spelled backwards. For example, if the username is <strong id="iam_01_0031__b9150141320428">A12345</strong>, the password cannot be <strong id="iam_01_0031__b191561113164216">A12345</strong>, <strong id="iam_01_0031__b41566133424">a12345</strong>, <strong id="iam_01_0031__b4156313194214">54321A</strong>, or <strong id="iam_01_0031__b1815715132427">54321a</strong>.</li><li id="iam_01_0031__li1410652425813">Cannot contain the user's mobile number or email address.</li></ul>
|
||
</div>
|
||
</div></div>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row3985159132118"><td class="cellrowborder" rowspan="2" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.1 "><p id="iam_01_0031__p1190595010214">Login Protection</p>
|
||
<p id="iam_01_0031__p119051650162120"></p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p93511359132115">Enable</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p13351115932111">If login protection is enabled, the user will need to enter a verification code in addition to the username and password during login. Enable this function for account security.</p>
|
||
<p id="iam_01_0031__p1635125932111">You can choose from SMS-, email-, and <a href="iam_10_0002.html#iam_10_0002__section0864223164311">virtual MFA</a>–based login verification.</p>
|
||
</td>
|
||
</tr>
|
||
<tr id="iam_01_0031__row8508102722111"><td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.1 "><p id="iam_01_0031__p1435115593217">Disable</p>
|
||
</td>
|
||
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.4.2.1.1.5.1.2 "><p id="iam_01_0031__p18351959142119">For this example, disable login protection.</p>
|
||
</td>
|
||
</tr>
|
||
</tbody>
|
||
</table>
|
||
</div>
|
||
<div class="note" id="iam_01_0031__note10730654205513"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0031__ul666730145615"><li id="iam_01_0031__li12553124511814">For security purposes, select only one access type for each user.<ul id="iam_01_0031__ul095841211910"><li id="iam_01_0031__li016681141913">Programmatic access: Users can access cloud services using development tools (including APIs, CLI, and SDKs) that support key authentication. This access type is recommended for developers.</li><li id="iam_01_0031__li7949434111919">Management console access: Users can log in to the management console using their own usernames and passwords.</li></ul>
|
||
</li><li id="iam_01_0031__li14667140175615">You cannot change the access type of users, but you can control their access by enabling or disabling the user accounts.</li></ul>
|
||
</div></div>
|
||
</p></li><li id="iam_01_0031__li5464458604"><span>(Optional) Click <strong id="iam_01_0031__b8249165244310">Next</strong> and add the user to one or more user groups.</span><p><ul id="iam_01_0031__ul13163164116"><li id="iam_01_0031__li816374116">The user will inherit the permissions assigned to the user groups to which the user belongs.</li><li id="iam_01_0031__li1516364612">You can also create new groups as required.</li></ul>
|
||
<div class="note" id="iam_01_0031__note514453815218"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0031__ul19859123954411"><li id="iam_01_0031__li1420014994411">If the user will be an administrator, add the user to the default group <strong id="iam_01_0031__b325620273449">admin</strong>.</li><li id="iam_01_0031__li38601839144410">You can add a user to multiple user groups.</li></ul>
|
||
</div></div>
|
||
</p></li><li id="iam_01_0031__en-us_topic_0046611303_li19845579"><span>Click <strong id="iam_01_0031__b1320881019455">Create</strong>. If you have specified the access type as <strong id="iam_01_0031__b123791316464">Programmatic access</strong>, download the access key on the <strong id="iam_01_0031__b624341314464">Finish</strong> page.</span></li></ol>
|
||
</div>
|
||
</div>
|
||
<div>
|
||
<div class="familylinks">
|
||
<div class="parentlink"><strong>Parent topic:</strong> <a href="iam_01_0027.html">Getting Started</a></div>
|
||
</div>
|
||
</div>
|
||
|