A user was initially specified and created during the deployment process. As with any new user, you were required to change your password as you signed in for the first time. The
Manage Users section of the console is to extend the management of user(s) beyond that initial setup. From the Manage Users page you can create additional users (assuming your user is an
Admin), delete users and modify users in the form of assigning them to groups and changing their roles.
Managing users involves creating, modifying, deleting or activating/deactivating their accounts. At the time of creation you will also assign them one or multiple groups to belong to. You can change the group assignment later as well.
You may not be using Groups to organize your accounts. There is always one group created by default, the Primary group. In this situation you would specify Primary as the group value.
As seen below you are presented a simple page with the list of existing users. Directly after install you will only have one user in the list that was created during deployment. You can add more users as desired from this page and they will be reflected here as well.
Creating a new account is a simple process. Click the
Create User button.
User Name, a valid
Email Address, the
User Access Level and a
Group to belong to. An email will be sent to the specified email address with a login URL and
Temporary Password. There are two
User Access Levels:
User. The difference being
Admin has access to all screens and configuration capabilities, while the
User will not be able to create additional users or modify any of the configuration.
User account types can see all dashboards and buckets and can enable / disable buckets.
After creating the new user, they will be in a
pending state until they have logged in and reset their password. They have 7 days to complete this with the password that was sent to them. After that time period, they can just initiate a password reset to finish off the process.
To modify an existing user, select the action menu () on the particular user's row. Now select the appropriate action you'd like to take: Change Groups, Change Role, Disable User or Enable API Access. If the user has already been disabled you will be given an option to delete the user.
Change Groups pops open the following:
Change Role pops open the following:
Disable and Delete User¶
In order to delete a user, you must disable the user first.
Setup for API Scanning Access¶
Setting up API Access for a user enables their username and password to be used to send file scan requests against the configured API Agents. You must associate a user to an Account Number track usage. Because API scanning can operate outside the bounds of Amazon S3, we have to fabricate a usage tracking mechanism. So any API file scanning this user does will be tied to the Account Number associated.
To enable a user for API access you select the Actions menu for the user and select
Enable API Access
You'll be prompted to pick an account to associate to the user and then click the
Enable Access button
Afterwards you will notice they have an Account Number showing under the API Account column
For more information on API based file scanning, check out the API Scanning Overview page.
To change your own password, you will select the user icon in the upper right corner of the console and select
Change Password from the menu.
Just as you did when you first logged into the console, you need to provide your current password and then what you'd like for your new password. Be sure to follow the rules as described at the bottom of the page.
You cannot reset another user's password from the console. Have the user leverage the
Forgot Password link at the login screen.
To sign out of the console, you will select the user icon in the upper right corner of the console and select
Sign Out from the menu.