Managing System Administrators¶
Anaconda Enterprise distinguishes between System Administrators responsible for authorizing AE platform users, and System Administrators responsible for managing AE resources. This enables enterprises to grant the permissions required for configuring each to different individuals, based on their area of responsibility within the organization.
Sys Admins who are granted permission to access the Authentication Center can configure authentication for all platform users, including platform Admins. See managing users for information on how to create and manage Authentication Center Admins.
The login credentials for the Operations Center are initally set as part of the post-install configuration process. Follow the steps outlined below to authorize additional Admin users to manage cluster resources, using the Operations Center UI or using a command line. If you prefer to use OpenID Connect (OIDC), see Configuring Operations Center Admins using Google OIDC.
Managing Operations Center Admins using the UI¶
Click Manage Resources.
Login to the Operations Center using the Administrator credentials configured after installation.
Select Settings in the login menu in the upper-right corner.
In the left menu, select Users, then click + New User in the upper-right corner.
@teleadminfrom the Roles drop-down list, and click Create invite link.
Copy the invitation URL that is generated, replace the private IP address with the fully-qualified domain name of the host, if necessary, and send it to the individual using your preferred method of secure communication. They’ll use it to set their password, and will be automatically logged in to the Operations Center when they click Continue.
To generate a new invitation URL, select Renew invitation in the Actions menu for the user.
Select Revoke invitation to prevent them from being able to use the invitation to create a password and access the Operations Center. This effectively deletes the user before they have a chance to set their credentials.
To delete—or otherwise manage—an Operations Center user after they have set their credentials and completed the authorization process, select the appropriate option from the Actions menu.
Managing Operations Center Admins using a command line¶
To create a new Admin:
Run the following commands on the Anaconda Enterprise master node, replacing
<yourpass> with the email address and password for the user:
sudo gravity enter gravity --insecure user create --type=admin --email=<email> --password=<yourpass> --ops-url=https://gravity-site.kube-system.svc.cluster.local:3009
To verify that the user was created, run the following command:
sudo gravity resource get users
To update an Admin user’s password:
To update an Admin user’s password, you’ll need to delete the user account, then re-create it, replacing
<yourpass> with the email address and new password:
sudo gravity enter gravity --insecure user delete --email=<email> --ops-url=https://gravity-site.kube-system.svc.cluster.local:3009 gravity --insecure user create --type=admin --email=<email> --password=<yourpass> --ops-url=https://gravity-site.kube-system.svc.cluster.local:3009