This procedure ensures that the CDP machine user gets permission to access the
tenant bucket.
Repeat the following steps for each tenant:
- In Management Console, , click CREATE GROUP and create a User Management Service (UMS) group, for example group-tenant-1.
- In , search for and select your srv_machine_<env id>_storage_role to add this UMS machine user to group-tenant-1.
- In , select an environment , and click .
- Click + to add a mapping, select group-tenant-1 and Role-tenant-1, and specify the role ARN (copied from the IAM role page on AWS).
- Synchronize your group changes with FreeIPA by performing a user sync per environment: In the RAZ-enabled environment, click

The UMS machine user gets the permission to access the tenant-specific container.
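Because the steps are repeated by hand for each tenant, a pasted ARN can end up in the wrong tenant's mapping. The following check is an added example, not part of the original procedure or of any Cloudera tooling. It assumes you have recorded the group-to-role mappings and group memberships as plain dictionaries (a hypothetical format) and that each tenant has its own role, as the group-tenant-1 / Role-tenant-1 naming suggests.

```python
import re
from collections import defaultdict

# arn:<partition>:iam::<12-digit account id>:role/<optional path/><name>
ROLE_ARN = re.compile(r"^arn:(aws|aws-us-gov|aws-cn):iam::\d{12}:role/[\w+=,.@/-]+$")

def check_tenant_mappings(mappings, group_members, machine_user):
    """Return a list of problems in the per-tenant group -> role mappings.

    mappings:      {UMS group name: role ARN}       (hypothetical export)
    group_members: {UMS group name: set of members} (hypothetical export)
    """
    problems = []
    groups_by_role = defaultdict(list)
    for group, arn in sorted(mappings.items()):
        if not ROLE_ARN.match(arn):
            problems.append(f"{group}: not an IAM role ARN: {arn!r}")
        if machine_user not in group_members.get(group, set()):
            problems.append(f"{group}: {machine_user} is not a member")
        groups_by_role[arn].append(group)
    # Assumption: one role per tenant, so a role reused across groups is
    # most likely an ARN pasted into the wrong tenant's mapping.
    for arn, groups in sorted(groups_by_role.items()):
        if len(groups) > 1:
            problems.append(f"role shared by {', '.join(groups)}: {arn}")
    return problems

# Constructed sample data; the account id and the env id are placeholders.
MACHINE_USER = "srv_machine_EXAMPLE_storage_role"
SAMPLE_MAPPINGS = {
    "group-tenant-1": "arn:aws:iam::111122223333:role/Role-tenant-1",
    # Tenant 1's ARN pasted into tenant 2's mapping.
    "group-tenant-2": "arn:aws:iam::111122223333:role/Role-tenant-1",
    # A policy ARN copied instead of the role ARN.
    "group-tenant-3": "arn:aws:iam::111122223333:policy/Role-tenant-3",
}
SAMPLE_MEMBERS = {
    "group-tenant-1": {MACHINE_USER},
    "group-tenant-2": {MACHINE_USER},
    "group-tenant-3": set(),  # machine user was never added to this group
}

if __name__ == "__main__":
    for problem in check_tenant_mappings(SAMPLE_MAPPINGS, SAMPLE_MEMBERS, MACHINE_USER):
        print(problem)
```

An empty result means every tenant group has a well-formed role ARN of its own and contains the machine user; it does not confirm that the user sync has run.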