Create a new tenant-user

Goal

  • A new tenant-user has to be set up to use the multitenancy feature.

Prerequisites

  • The necessary configurational steps require CLI root access for user management.

About the CLI airlock-user-manager-tool

Use airlock-user-manager-tool --help to receive a list of the available functionality of this tool.

Instruction - Generate a new tenant-user via CLI

 
Risk

For security reasons, the user-manager-tool does not allow creating a password for tenant-users.

A password would allow the tenant-user to enter the Configuration Center and thus removing the isolation between tenant-users.

  1. Login as root on the Airlock Gateway via CLI.
  2. Run the following command:
  3.  
    Terminal box
    # airlock-user-manager-tool -u {new_user} -t {new_tenant} -j -s -r airlock-administrator
  4. A new tenant-user together with a unique JWT and airlock-administrator role have been created.
  5.  
    Info

    Assigning the airlock-administrator role to the new user will not give full administrative access to the tenant-user.

    Without a password, the access of a tenant towards the Airlock Gateway is strictly limited to tenant-related REST-commands only.

After creating a new tenant-user, it is necessary to set the users access rights accordingly. Proceed with chapter Assign objects to tenant-users.