mc admin user add
The mc admin user add command adds a new AIStor user to the target AIStor deployment.
To manage external Identity Provider users, see OIDC or AD/LDAP.
Syntax
Parameters
ACCESSKEY
Required
The access key that uniquely identifies the new user, similar to a username.
ALIAS
Required
The alias of a configured AIStor deployment on which to create the new user.
SECRETKEY
Required
The secret key for the new user. Consider the following guidance when creating a secret key:
- The key should be unique
- The key should be long (Greater than 12 characters)
- The key should be complex (A mixture of characters, numerals, and symbols)
Global flags
This command supports any of the global flags.
Example
Create a New User
Use mc admin user add to create a user on an AIStor deployment:
   mc admin user add ALIAS ACCESSKEY SECRETKEY
- Replace ALIASwith thealiasof the AIStor deployment.
- Replace ACCESSKEYwith the access key for the user.
- Replace SECRETKEYwith the secret key for the user. AIStor does not provide any method for retrieving the secret key once set.
Specify a unique, random, and long string for both the ACCESSKEY and SECRETKEY.
Your organization may have specific internal or regulatory requirements around generating values for use with access or secret keys.
Behavior
New Users Have No Default Policies
Newly created users have no policies by default and therefore cannot perform any operations on the AIStor deployment. To configure a user’s assigned policies, you can do either or both of the following:
- Use mc admin policy attachto associate one or more policies to the user.
- Use mc admin group addto associate the user to the group. Users inherit any policies assigned to the group.
For more information on AIStor users and groups, see User Management and Group Management. For more information on AIStor policies, see MinIO Policy Based Access Control.
S3 compatibility
The mc commandline tool is built for compatibility with the AWS S3 API and is tested with AIStor and AWS S3 for expected functionality and behavior.
MinIO provides no guarantees for other S3-compatible services, as their S3 API implementation is unknown and therefore unsupported. While mc commands may work as documented, any such usage is at your own risk.