See also: How to manage users
In Juju, a user is any person able to log in to a Juju controller.
Juju users are not related in any way to the client system users.
Users can be created in two ways: Implicitly by bootstrapping a controller into a cloud or explicitly by adding a user to a controller (juju add-user
).
A user logs in to a Juju controller using a username and a password. The user created implicitly gets the username admin
and is prompted to create a password the first time they attempt to log out. A user created explicitly gets the username assigned to them when being added (via juju add-user
) and is prompted to create login details when they register the new controller with their Juju client.
A user’s username and password are entirely different from the credentials referenced in juju
commands such as add-credential
—those are about access to a cloud, whereas these are about access to a Juju controller.
Multiple users can be accommodated by the same Juju client. However, there can only be one user logged in at a time.
Every user is associated with an access level. The default level for the user created implicitly (admin
) is the controller superuser
access level, which means they can do everything at the level of the entire controller. The default level for a user created explicitly is the controller login
level, which means they can do nothing on the controller other than register it with their client and log in to it – for anything more they must be granted a higher level explicitly.
See more: User access levels