Updated on 2022-08-12 GMT+08:00

Adding a User and Binding the User to a Tenant Role

Scenario

The created tenant cannot directly log in to the cluster to access resources. Administrators need to create a user for a tenant on FusionInsight Manager and bind the user to a tenant role to assign operation rights to the user.

Prerequisites

The system administrator has understood service requirements and created a tenant.

Procedure

  1. On FusionInsight Manager, click System > Permission > User.
  2. To add a user to the system, click Create.

    To bind tenant rights to an existing user in the system, click Modify in the column where the user locates. The configuration page is displayed.

    For details about configuring parameters of a user, see Table 1.
    Table 1 User parameters

    Parameter

    Description

    Username

    Specifies the name of the current tenant. The value consists of 3 to 32 characters, which can be letters, digits, underlines (_), hyphens(-), or spaces.

    • Username cannot be the same as any username of the OS on each node in the cluster. Otherwise, the user account cannot be used properly.
    • Usernames of the same letters but different cases are not supported. For example, if User1 already exists, user user1 cannot be created. When using user User1, enter the correct username.

    User Type

    Options include Human-Machine and Machine-Machine.

    • Human-Machine user: Used in FusionInsight Manager O&M scenarios and component client operation scenarios. If you select Human-Machine, you need to set Password and Confirm password.
    • Machine-Machine user: Used in application development scenarios. If you select Machine-Machine, the user password is generated randomly.

    Password

    If you select Human-Machine, set Password.

    The password must contain 8 to 64 characters, consisting at least 4 of uppercase letters, lowercase letters, digits, and special characters and spaces. Cannot be the username or username spelled backwards.

    Confirm Password

    Enter the password again.

    User Group

    In User Group, click Add to add the user to a user group.

    • If a role is added to a user group, users in the user group can obtain the rights of the role.
    • For example, assign Hive rights to the new user and add the user to the Hive group.

    Primary Group

    Select a group as the primary group of directories and files of the user. The drop-down list contains groups that are selected in User Group.

    Role

    Click Add to add a role to the user as required.
    NOTE:
    • If a user wants to use resources allocated to tenant1 add sub-tenants to or delete sub-tenants from tenant1, bind the Manager_tenant and tenant1_cluster ID roles to the user.
    • If the tenant is associated with the HBase service and Ranger authentication is enabled for the current cluster, you need to configure the HBase execution permission on the Ranger WebUI.

    Description

    Configure the description of the current user.

  3. Click OK.