1. Microservices Architecture Documentation
  2. Deploy
  3. Add Users to a Deployment

Add Users to a Deployment

Each deployment has its own set of users with specific roles. The Service Manager administrator user is created from OGGCA Service Manager Administrator screen. This user can connect to the Service Manager. This user does not have access to other microservices.

However, when you configure the administrator account for the microservices using the User Deployment Administrator screen in OGGCA, you can select to use the Service Manager administrator credentials to access the microservices as well.


User Deployment Administrator user screen

As shown in the image, if you enable the "Same as Service Manager administrator credentials", then the other fields are disabled because the same user credentials are used to access the Service Manager and the deployment microservices.

Other users created from the Service Manager can only access the Service Manager. User created from the Administration Service web interface can access all microservices, but they cannot access the Service Manager.

These users are not available with other deployments on the same host server.

To create users from the Service Manager or Administration Service:

  1. Log in to either the Service Manager or the Administration Service.

  2. From the left navigation pane, select User Administration.

  3. Click Users (+) to add users.

  4. Enter a unique user name.

  5. Select one of the roles from the Role list box. The options are User, Operator, Administrator, and Security.

    Table 3-1 Oracle GoldenGate User Roles and Privileges

    Role ID Privilege Level

    User

    Allows information-only service requests, which do not alter or effect the operation of either the MA. Examples of Query/Read-Only information include performance metric information and resource status and monitoring information.

    Operator

    Allows users to perform only operational actions, such as creating, starting and stopping resources. Operators cannot alter the operational parameters or profiles of the MA server.
    Administrator

    Grants full access to the user, including the ability to alter general, non-security related operational parameters and profiles of the server.

    Security

    Grants administration of security related objects and invoke security related service requests. This role has full privileges.

  6. Select the user type from the Type list box as Password or Certificate.

    If you select the user type as Password, then the authentication is done based on the username and password.

    If you select the user type as Certificate, then the user will authenticate itself by presenting a client certificate. After you select the Certificate option, you need to enter the common name (in the certificate that will be presented such CN="certuser").

    Note:

    The certificate is with the user and not saved by the Oracle GoldenGate service. When presented for authentication, the Oracle GoldenGate service first authenticates that the certificate presented can be trusted and then checks if the common name in the certificate has been registered as a valid user. If yes, it will assign the appropriate user role.

  7. Enter information that describes the user.

  8. Click Submit. The user is registered.