Lyve Cloud Documentation

Managing users and roles

The Users page allows you to create users and set user roles. A user is an individual customer who can perform various actions in the Lyve Cloud console based on the assigned role. A role restricts the actions a user may perform, which prevents unauthorized access to Lyve Cloud features.

About user roles

You can set distinct roles for Lyve Cloud users. These users can perform actions based on assigned roles, see Role-based access sections in the respective topics.

  • Administrator - An administrator can perform all the operations in the Lyve Cloud console.

  • Customer Administrator - The customer administrator can manage all customer-related actions in Lyve Cloud.

  • Auditor - An auditor has read only access to the Lyve cloud console, and thus cannot perform any actions.

About user and authentication types
User types

In Lyve Cloud, there are two distinct user types:

  • IAM user: users whose username and password are managed in Lyve Cloud.

  • Federated user: users who are authenticated via their organization's identity provider (IdP).

Note

Federated users only exist when SAML Federation is configured on the account.

About authentication types

Set an authentication type while creating a user. The following are the available authentication types for each of the user types.

IAM users have the following authentication types:

Federated users have the following authentication type:

  • Federated: This option is available only when you configure SAML Federation for the account. For more information, see .

About user and authentication types
About user types

In Lyve Cloud, there are two distinct user types:

  • Password user: Users whose username and password are managed in Lyve Cloud

  • Federated user: Users who are authenticated via their organization's identity provider (IdP).

    Note

    Federated users only exist when SAML Federation is configured on the account.

About authentication types

Set an authentication type while creating a user. The following are the available authentication types for each of the user types.

Multi-factor authentication (MFA) is enabled by default for IAM users. Multi-Factor Authentication required two authentication methods:

Federated users have the following authentication type:

  • Federated: This option is available only when configuring SAML Federation for the account. For more information, see Configuring Federated Login.

Adding users

To add a user:

  1. On the left-hand menu, select Users.

  2. On the Users page, select Add User.

  3. In the Add New User dialog box enter the following and select Add User:

    1. First Name - Enter the first name of the user.

    2. Last Name - Enter the last name of the user.

    3. Email - Enter the email address of the user.

    4. Note: You cannot modify the email address after adding a user.

  4. Select Role from the following options: Administrator, Customer Manager, Auditor.

  5. Select Authentication Type.

    • If SAML Federation is not configured, no selection required, and the following are possible display options:

      • Password: This option is displayed when MFA settings are Off.

      • Multi-factor: Displayed when MFA settings are On.

    • If SAML Federation is configured, there are 2 options to select from:

      • Federated

      • Password or Multi-Factor (this depends on the MFA settings)

  6. Select Add User.

  7. An invitation email is sent to the IAM users to complete the registration process. For information, see Registering an IAM user in Lyve Cloud.

  8. The following image displays the Add New User dialog box.

    Add_user.png
Registering an IAM user in Lyve Cloud

When an IAM user is registered in Lyve Cloud, the user receives an email invitation. They must register in Lyve Cloud by Multi-factor Authentication (MFA), a security method that is set by default for all accounts.

The following image displays a sample email invite. This email invitation link expires within 72 hours.

615d9848b6691.png

If the user doesn't select the link within 72 hours, they should select Forgot Password on the login page. For more information, see Registering after an email invitation link expires. Check your spam folder if you believe you did not receive an email invitation or contact the support team at support.lyveloud@seagate.com to complete the registration process.

Registration workflow for password authentication type

After the user is registered in Lyve Cloud and receives an email invitation, they should complete the registration.

Procedure. To complete the registration:
  1. Select the link provided in the invitation email to get started.

  2. Enter Password and Confirm password in the Create Password dialog and select Create.

    Note

    Refer to the Password Policy while creating a new password.

  3. Once a password is created, the user is taken to the Lyve Cloud Login page.

Viewing and editing a user

An administrator can change the first name, last name, and the assigned role of an IAM user.  Only administrators can edit or redefine roles for users, they cannot edit or change roles defined for themselves. If a change to an administrator role is desired, a different administrator must make the change.

Note

Once a profile is edited, the respective user must log out of Lyve Cloud and log back in for role changes to take effect.

The following table describes the column names in the user's table.

Column Name

Description

First Name

Displays the user's first name.

Last Name

Displays the user's last name.

Email

Displays the user's email address.

Authentication Type

Displays the user's authentication type. For more information, see About MFA

Role

Displays role of the selected user. About user roles.

Status

Displays the user's status as either Enabled or Disabled.

Procedure. To view or edit a user
  1. On the left-hand menu, select Users. 

  2. On the Users page, find the user you want to change.

  3. Select the ellipses (...) in the right-most column of the user's role and select Edit.

    Edit_User-5_3.png
  4. In the Edit User dialog box, edit the following and select Save.

    • First Name: Enter the first name of the user.

    • Last Name: Enter the last name of the user.

    • Select a Role to modify from the following options

      • Admin

      • Storage Admin

      • Auditor

    You can also see the Authentication Type of the user, which is read-only and not editable.

    Note

    While editing a user, you cannot modify the email address.

Disabling or enabling a user
Procedure. To enable or disable a user
  1. On the Users page, select the ellipses against the user and select Disable or Enable.

  2. Select the ellipsis and select Disable or Enable.

  3. Select Yes, in the confirmation box to change the status.

Deleting a user
Procedure. To delete a user:
  1. On the left-hand menu, select Users.

  2. On the Users page, find the user you want to change.

  3. Select the ellipsis and select Delete.

  4. Select Yes in the confirmation to change the status.

Resetting password
Procedure. To reset user password:
  1. On the left-hand menu, select Users.

  2. On the Users page, a list of users is displayed.

  3. Select the eclipses and then select Reset Password.

  4. Select Yes to reset the password.

Video: How to manage users and assign roles