User
See also:
A Juju user is any person able to log in to a Juju controller. This document describes the various ways that a user may interact with Juju, depending on their role.
Contents:
User roles
Controller-level roles
login
Gives you the ability to log in to the controller, nothing else. Role granted via juju register
. Effective starting with the moment the user has registered.
A person logged into the jaas
controller automatically has the login role. This is automatically granted via juju grant login everyone@external
.
add-model
Gives you the ability to create your own model in the controller. Role granted by the controller superuser using the juju grant add-model <(comma-separated list of )username(s)>
. A person with an add-model role can give someone else whatever model permissions they want to that model via juju grant <(comma-separated list of )rolename(s)> <(comma-separated list of )username(s)>
.
superuser
God-mode. Admin. You can do anything, e.g., add or remove users, give permissions, etc. Role granted to the Juju client when bootstrapping a controller. Role name automatically assigned to the username “admin”. The role can also be granted via juju grant superuser <(comma-separated list of )username(s)>
.
Since multiple controllers—and therefore multiple controller administrators—are possible, there is no such thing as an overarching “Juju administrator”. Nevertheless, a user with the superuser role is usually what people refer to as “the admin”.
Model-level roles
read
A person with this role can view the content of a model without changing it. The most common command to do this is juju status
, but the user can also use any other of the read commands, e.g., juju machines> or
juju show-machines`.
write
A person with this role can deploy and manage applications on the model. Essentially, they can do anything to the model except delete it and grant permissions to other users.
consume
A person with this role can consume offers hosted by that model. They cannot do anything else to the model.
admin
God-mode for the model.
Cloud-level roles
admin
add-model
Last updated 2 months ago.