Goal
A new tenant-user has to be set up to use the multitenancy feature.
Prerequisites
- The necessary configurational steps require CLI root access for user management.
About the CLI airlock-user-manager-tool
Use airlock-user-manager-tool --help to receive a list of the available functionality of this tool.
Instruction - Generate a new tenant-user via CLI
For security reasons, the user-manager-tool does not allow creating a password for tenant-users.
A password would allow the tenant-user to enter the Configuration Center and thus removing the isolation between tenant-users.
- Login as root on the Airlock Gateway via CLI.
- Run the following command:
- A new tenant-user together with a unique JWT and airlock-administrator role have been created.
copy
# airlock-user-manager-tool -u {new_user} -t {new_tenant} -j -s -r airlock-administrator
Assigning the airlock-administrator role to the new user will not give full administrative access to the tenant-user.
Without a password, the access of a tenant towards the Airlock Gateway is strictly limited to tenant-related REST-commands only.
After creating a new tenant-user, it is necessary to set the users access rights accordingly. Proceed with chapter Assign objects to tenant-users.