Abiquo 5.0.1 enables the user to easily create a user account in a cloud provider when the enterprise already has API credentials. From here the user can also click a link to access the portal.
Abiquo now displays the public cloud account identifiers on the Credentials tab.
Use cases and requirements
Users will work with this feature when:
1. The reseller created a cloud account for the enterprise and the API credentials are in the user's enterprise, but the user has no console account.
2. The enterprise's IT administrator created a cloud account for the enterprise and allows the tenant administrator to create a user account
To create a user, your enterprise must have API credentials for the cloud provider with permissions to create users. (When a reseller creates an account in Azure, it now has the User Administrator role to create users). And your user must have the privilege to "Manage user creation in provider".
Create a user
To create a user, the platform will send the following to the cloud provider:
- Details from your user account, including the username and email
- A password that is generated automatically, using the same method and configuration as the guest password feature
When you click Create user, Abiquo creates an event with the enterprise ID, user ID, user email, date/time, and cloud provider.
Abiquo displays the user credentials only once and it does not store the credentials.
You can click a link to access the console, for example, for AWS, for the User portal link the platform enters the account number, then the user enters the user and password.
By default, the user in the cloud provider has the same role or groups as the API user of the enterprise. In AWS, this is the built-in Owner role, in Azure, the user is added to the same groups, and in vCloud, the user is an Organization administrator or similar, but you can configure it.
Configuration
To configure this feature, you can set the following Abiquo Configuration Properties:
- Automatically generated password
- abiquo.guest.password.length
- abiquo.guest.password.exclude
- vCloud define another role for the user
abiquo.vdc.org.userRoleName