Skip to main content

User

User Creation

Sleakops has three fundamental fields of user permissions: Role: Defines what the user is allowed to do inside SleakOps, it's separated into three roles, 'Admin', 'Editor' and 'Read Only'.

  • Viewer: Read-only user. In AWS IAM it uses the ReadOnlyAccess
  • Editor: It has PowerUser permissions which allows them to create infrastructure resources in Sleakops and AWS but not to manage users. You have to select to which accounts the User will have permissions. In AWS IAM it uses the PowerUserAccess
  • Admin: Same as Editors but with the addition that they can manage other users permissions and they have complete access to every account. In AWS IAM it uses the AdministratorAccess

AWS Account Accesses: This field shows you every account, here you select to which accounts the user (Editor or Read-only) will have access. VPN Account Accesses: It's similar to the AWS account accesses field but here you set if a user it's also created on the VPN Server of the account you give. More information can be checked on VPN documentation

USER-creation-form

For access into the AWS accounts SleakOps initially sets a random password and sends it to the email of the created user. The user can login with that password but it will be obligated to change its password on the first login. For SleakOps platform access we use the password that was set on the User form.

After this user creation an AWS User will be created on the 'security' Account, this account is where we control acesses to all the SleakOps AWS accounts. We will also create, depending on the configuration, users on the VPN servers, read how to use them on the corresponding documentation and on the SleakOps user.