Skip to content

Users

Jump to bottom
dbeaver-devops edited this page Nov 14, 2024 · 12 revisions

Table of contents

Overview

This article gives you an overview of how to create user in CloudBeaver and Team Edition.

Creating user

There are two types of users:

  • Local users: Created by the Administrator.
  • AWS and Federated users: These users are managed externally through AWS or federated identity providers and are authorized to access the system via Single Sign-On (SSO).

For more information on Identity providers, see Authentication methods.

Local users

To create a new local user, follow these steps:

  1. As an administrator, go to Settings -> Administration -> Users and Teams -> Teams.

  2. Click on the + Create button.

  3. Fill in the necessary details in the provided fields.

    Field Name Description Additional Info
    Username Enter the desired username for the account.
    User password Set a password for the account. The user can change their password after initial setup.
    Repeat password Re-enter the password for verification.
    Role (only in Team Edition) Select the user's role from the dropdown. For more information about roles, see Roles in Team Edition.
    User Status Toggle to enable or disable the user. Default status is Enabled.
    User Team (Optional) Assign the user to one or more teams. A team defines the permissions a user has within the system. For more information on teams, see Teams and Teams in Team Edition .
    First Name (Optional) Provide the user's first name.
    Last Name (Optional) Provide the user's last name.
    AWS Role ARN (Optional) Enter the AWS Role ARN. For more information about AWS roles, see AWS Settings.
    Microsoft Entra ID User ID (Optional) Enter the Microsoft Entra ID. For more information, see Azure AD authentication.

  4. To complete the process, click on the Create button.

    Once created, the user can be authenticated using local authentication methods. The user's permissions will be determined by their assigned profile.

Connection access

If necessary, you can provide the user with connection access. This setting can be found and adjusted within the Connection Access tab.

See the additional information on Connection management.

Remember, user management is an important aspect of maintaining system security. Always ensure that users are granted only the access and permissions necessary for their tasks.

Enabling Federated authentication for local users

To allow a local user to authenticate through AWS/Federated auth methods, the local user's username must match the user's email address, which will connect via SSO (Single Sign-On). This alignment is necessary for the federated authentication process to succeed.

Note: This step is crucial during user creation as the username cannot be changed later.

AWS and Federated users

When a user logs in using AWS or Federated authentication for the first time, CloudBeaver and Team Edition automatically creates a user profile assigned to the default team. Administrators can later change this team assignment as necessary.

Note: Administrators cannot create AWS or Federated users directly in the application. CloudBeaver and Team Edition only works with existing AWS and Federated users. For more information on Identity providers, see Authentication methods.

Managing users in CloudBeaver AWS Edition

CloudBeaver AWS Edition is designed to support only AWS and Federated users, excluding local user access. Therefore, it is not possible to create local users within this environment. Users must be imported into the system.

For more information, refer to Administration Users Provisioning.

Editing user

The process of editing a user is similar to creating one, except you need to access an existing user.

When editing an existing user, you also have additional options:

Auth methods

In the Auth Methods tab, administrators can see and remove the authentication methods associated with a user.

You can remove an existing authentication method:

  1. Select the desired method from the dropdown menu.
  2. Click the DELETE button.

Tip: If you need to restore local authentication for the user, navigate to the Info tab and assign a new password to the user. This action will re-enable local authentication.

Deleting a user

If you need to permanently remove a user from the system, you can do so through the Delete user option. When you attempt to delete a user, a confirmation dialog will appear to ensure that this action is intentional.

  1. To delete a user, select the Delete option.

  2. Follow the prompts in the dialog to confirm the deletion.

    Tip: If you prefer to keep the user but prevent their access, consider using the Disable option in the dialog. Alternatively, you can disable a user by selecting the checkbox in the Info section of the user profile.

CloudBeaver - Web Database Manager

CloudBeaver Documentation

User Guide

Installation

Configuration

CloudBeaver AWS

CloudBeaver Enterprise Edition

Team Edition

Deployment

Clone this wiki locally