Create the Eucalyptus Cloud Administrator User

After your cloud is running and DNS is functional, create a user and access key for day-to-day cloud administration.

Prerequisites
Tip: This is where you would begin using the admin role, if you want to use that feature.
To create a cloud admin user
  1. Eucalyptus admin tools and Euca2ools commands need configuration from ~/.euca. If the directory does not yet exist, create it:
    mkdir ~/.euca
  2. Choose a name for the new user and create it along with an access key:
    euare-usercreate -wld DOMAIN USER >~/.euca/FILE.ini
    where:
    • DOMAIN must match the DNS domain chosen in Configure Eucalyptus DNS.
    • USER is the name of the new admin user.
    • FILE can be anything; we recommend a descriptive name that includes the user's name.

    This creates a file with a region name that matches that of your cloud's DNS domain; you can edit the file to change the region name if needed.

    Note: This creates an admin user in the built-in 'eucalyptus' account. The admin user has full control of all aspects of the cloud. For additional security, you might instead want to create a new account and grant it access to a more limited administration role. See the Identity and Access Management (IAM) Guide for more information.
  3. Switch to the new admin user:
    eval `euare-releaserole`
    export AWS_DEFAULT_REGION=REGION
    where:
    • REGION must match the region name from the previous step. By default, this is the same as the cloud's DNS domain chosen in Configure Eucalyptus DNS.

    As long as this file exists in ~/.euca, you can use it by repeating the export command above. These euca2ools.ini configuration files are a flexible means of managing cloud regions and users. See the Euca2ools Reference Guide for more information.

What to do next

The remainder of this guide assumes you have completed the above steps.

Use these credentials after this point.