Creating local users

You can create local users and assign them to one or more local groups to control their access permissions.

Before you begin

About this task

S3 users who do not belong to any groups do not have management permissions or S3 group policies applied to them. These users might have S3 bucket access granted through a bucket policy.

Swift users who do not belong to any groups do not have management permissions or Swift container access.


  1. Select ACCESS MANAGEMENT > Users.
    The Users page appears and lists the current users.
    Users page
  2. Select Create user.
    Step 1 (Enter credentials) appears.
    Create user dialog box
  3. Complete the following fields.
    • Full name: The full name for this user, for example, the first name and last name of a person or the name of an application.
    • Username: The name this user will use to sign in. Usernames must be unique and cannot be changed.
    • Password: A password, which is used when the user signs in.
    • Confirm password: Type the same password you typed in the Password field.
    • Deny access: If you select Yes, this user cannot sign in to the tenant account, even though the user might still belong to one or more groups.

      As an example, you can use this feature to temporarily suspend a user's ability to sign in.

  4. Select Continue.
    Step 2 (Assign to groups) appears.
  5. Assign the user to one or more local groups.
    Users who do not belong to any groups will have no management permissions. Permissions are cumulative. Users will have all permissions for all groups they belong to.
  6. Select Create user.
    A confirmation message appears in the upper right corner of the page. Changes might take up to 15 minutes to take effect because of caching.