After your cloud is running and DNS is functional, create a user and access key for
day-to-day cloud administration.
Prerequisites
- Eucalyptus cloud services must be installed and registered.
- Eucalyptus DNS must be configured.
Tip: This is where you would begin using the admin role, if you want to use
that feature.
To create a cloud admin user
-
Eucalyptus admin tools and Euca2ools
commands need configuration from ~/.euca. If the directory does
not yet exist, create it:
-
Choose a name for the new user and create it along with an access key:
euare-usercreate -wld DOMAIN USER >~/.euca/FILE.ini
where:
- DOMAIN must match the DNS domain chosen in Configure Eucalyptus DNS.
- USER is the name of the new admin user.
- FILE can be anything; we recommend a descriptive
name that includes the user's name.
This creates a file with a region name that matches that of your cloud's DNS
domain; you can edit the file to change the region name if needed.
Note: This creates an admin user in the built-in 'eucalyptus' account. The admin
user has full control of all aspects of the cloud. For additional security,
you might instead want to create a new account and grant it access to a more
limited administration role. See the
Identity and Access Management (IAM) Guide for more
information.
-
Switch to the new admin user:
eval `euare-releaserole`
export AWS_DEFAULT_REGION=REGION
where:
- REGION must match the region name from the previous
step. By default, this is the same as the cloud's DNS domain chosen
in Configure Eucalyptus DNS.
As long as this file exists in ~/.euca, you can use it
by repeating the export command above. These
euca2ools.ini configuration files are a flexible means
of managing cloud regions and users. See the Euca2ools Reference Guide
for more information.
What to do next
The remainder of this guide assumes you have completed the above steps.
Use these credentials after this point.