How to create users in VMs in Pivotal Cloud Foundry or Pivotal Container Service

Article ID: 293699

Products

Operations Manager

Issue/Introduction

This article explains how to add a new user to the virtual machines (VMs) of a Pivotal Cloud Foundry or Pivotal Container Service cluster.

Environment

Product Version: 2.8

Resolution

There is a feature called "add-ons" in BOSH. This feature enables operators to run software that is not part of the BOSH release - typically third-party monitoring agents, antivirus, security software, operating system kernel parameters, etc.

To add users, follow these steps:
  • Upload the os-conf-release
bosh upload-release --sha1 6946056ad69ae378cb89c9ef76daf66370a7dc6a \
  https://bosh.io/d/github.com/cloudfoundry/os-conf-release?v=22.0.0
  • Create a runtime config file named `runtime-add-security-user.yml`:
releases:
  - name: os-conf
    version: 22.0.0
addons:
  - name: add-user-to-diego-vm
    jobs:
    - name: user_add
      release: os-conf
      properties:
        users:
        - name: security-user
          # mkpasswd -m sha-512 <PASSWORD> <SALT>
          crypted_password: $6$rounds=5000$q6.pPvT2$ScfciltcPURD2jiiuIgAdkAcF.VW/moLwzioV/.Vp7jZieEpu036j6MMrvPZATKKdkRNJcokIT2D19UPQNu.91
          sudo: true
    include:
      instance_groups:
        - diego_cell
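This particular config adds the user only to the Diego cells; see the `include` setting.

Note: `crypted_password` must contain the password hash, not the plaintext password. Generate your own hash with the `mkpasswd` command shown in the comment and use it in place of the example value.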
  • Upload the runtime configuration to BOSH
bosh update-runtime-config --name diego-security-user runtime-add-security-user.yml
  • Run `bosh runtime-config --name diego-security-user` to confirm
  • Click "Apply Changes" in Ops Manager.
  • To verify the changes, SSH to a Diego cell and run the following command:
id security-user
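
A pre-upload check for the runtime config created in the steps above, as an added example that is not part of the original article or of os-conf-release. It confirms that every `crypted_password` is a SHA-512 crypt hash rather than a plaintext password and that an `include` block scopes the addon. The function names and the line-based matching (instead of a full YAML parse) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not part of the article: lint a runtime config file before
# running `bosh update-runtime-config`. Function names are hypothetical.

# Succeeds only if $1 is a SHA-512 crypt string:
#   $6$[rounds=N$]<salt: 1-16 chars>$<hash: 86 chars>
is_sha512_crypt() {
  printf '%s\n' "$1" | grep -Eq \
    '^\$6\$(rounds=[0-9]+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$'
}

# Prints one line per finding; succeeds only when there are none.
# Simplification: line-based matching, not a full YAML parse.
lint_runtime_config() {
  file=$1
  findings=0

  # Collect crypted_password values, dropping surrounding quotes/whitespace.
  values=$(sed -n 's/^[[:space:]-]*crypted_password:[[:space:]]*//p' "$file" |
    sed -e 's/[[:space:]]*$//' -e "s/^[\"']//" -e "s/[\"']\$//")

  if [ -z "$values" ]; then
    echo "FINDING: no crypted_password value found in $file"
    findings=$((findings + 1))
  else
    while IFS= read -r value; do
      is_sha512_crypt "$value" && continue
      # Never echo the value itself: it may be a plaintext password.
      echo "FINDING: a crypted_password is not a SHA-512 crypt hash (\$6\$...)"
      findings=$((findings + 1))
    done <<EOF
$values
EOF
  fi

  # The article scopes the addon with include:; flag configs that lack it.
  if ! grep -Eq '^[[:space:]]*include:' "$file"; then
    echo "FINDING: no include: block limits where the sudo user is created"
    findings=$((findings + 1))
  fi

  [ "$findings" -eq 0 ]
}

# Usage: sh lint.sh runtime-add-security-user.yml
[ $# -eq 0 ] || lint_runtime_config "$1"
```

The check exits non-zero when it reports a finding, so it can gate the `bosh update-runtime-config` step in a pipeline.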