Tenant management permissions are assigned to groups and determine which tasks users can perform using the Tenant Management Interface or the Tenant Management API. A user can belong to one or more groups.
To sign in to the Tenant Management Interface or to use the Tenant Management API, users must belong to a group that has at least one permission. All users who can sign in can perform the following tasks:
You can assign the following permissions to a group. Note that S3 tenants and Swift tenants have different group permissions.
| Permission | Description |
|---|---|
Root Access |
Provides access to all tenant administration features. Allows users to perform these tasks:
|
Administrator |
Swift tenants only. Provides full access to data using the Swift protocol. |
Manage Your Own S3 Credentials |
S3 tenants only. Allows users to create and remove their own S3 access keys. Users who do not have this permission do not see the menu option. |
Manage All Containers |
|
Manage Endpoints |
S3 tenants only. Allows users to use the Tenant Management Interface or the Tenant Management API to create or edit endpoints, which are used as the destination for StorageGRID Webscale platform services. Users who do not have this permission do not see the menu option. |