Identity Management in the Management Console

Page last updated:

You can add individual users or user groups to Enterprise PKS Management Console. You can assign the Cluster Manager and PKS Administrator roles to individual users or to groups. If you assign a role to a group, all of the users in that group have that role.

For information about the tasks that Cluster Managers can perform, see Enterprise PKS Cluster Management. The PKS Administrator role allows users to manage the Enterprise PKS infrastructure.

Add Individual Users

The procedure to add individual users to Enterprise PKS Management Console is as follows.

Note: This release of Enterprise PKS Management Console does not support assigning roles to individual LDAP or SAML users. To assign roles to LDAP or SAML users, use user groups.

  1. Go to the Identity Management view of the management console.
  2. Select the Users tab.
  3. Click Add User.
  4. Select LDAP or UAA depending on the configuration that you set when you deployed Enterprise PKS.
    • If you select LDAP, enter a comma-separated list of user identities. The user identities must be configured in the user search filter. The default is CN.
    • If you select UAA, enter a user name and enter and verify a password to create a new user account.
  5. Assign a role to the user.
    • Cluster Manager
    • PKS Administrator
  6. Click Save.
  7. If you do not assign a role to a user when you create or add the account, or to change a user’s role, select the user in the Users tab, and select Assign Role.

Add User Groups

The procedure to add user groups to Enterprise PKS Management Console is as follows.

  1. Go to the Identity Management view of the management console.
  2. Select the Groups tab.
  3. Click Add Group.
  4. Enter an existing LDAP or SAML user group.
    • LDAP: Enter the distinguished name of an existing LDAP group under the configured group search base, for example cn=admins,ou=engineering,dc=username,dc=local.
    • SAML: Enter the name of your SAML identity provider group.
  5. Assign a role to the group.
    • Cluster Manager
    • PKS Administrator
  6. Click Save.

Note: You must assign a role to a group when you add it. You cannot assign, change, or revoke a group role after you have added the group.

Remove Individual Users

The procedure to remove individual users from Enterprise PKS Management Console is as follows.

  1. Go to the Identity Management view of the management console.
  2. Select the Users tab.
  3. Select a user.
  4. Click Remove User.

Remove User Groups

The procedure to remove individual users from Enterprise PKS Management Console is as follows.

  1. Go to the Identity Management view of the management console.
  2. Select the Groups tab.
  3. Select a group.
  4. Click Remove Group.

Please send any feedback you have to pks-feedback@pivotal.io.