Creating groups for a Swift tenant

You can manage access permissions for a Swift tenant account by creating local groups or by importing federated groups. At least one group must have the Administrator permission, which is required to manage the containers and objects for a Swift tenant account.

Before you begin

You must be signed in to the Tenant Manager using a supported browser.
You must be the root user or have the Root Access permission.

Steps

Select Access Control > Groups.
Click Add.
Select Local to create a local group, or select Federated to import a group from the previously configured identity source.

Enter the group's name.

If you selected...	Enter...
Local	Both a display name and a unique name for this group. You can edit the display name later.
Federated	The unique name of the federated group. Note: For Active Directory, the unique name is the name associated with the sAMAccountName attribute. For OpenLDAP, the unique name is the name associated with the uid attribute.

In the Management Permissions section, select Root Access if you want users in this group to be able to sign in to the Tenant Manager or the Tenant Management API.
Attention: Users who do not have the Root Access permission receive an error if they try to sign in to the tenant account.
In the Swift Permissions section, select Administrator if you want users in this group to be able to use the Swift REST API to create and manage Swift containers and objects.

Attention: Users must have the Administrator permission to perform operations with the Swift REST API. The tenant account's root user does not have permission to use the Swift REST API.
Click Save.
New group policies might take up to 15 minutes to take effect because of caching.