Cloudera Docs

Deleting users for Identity Providers

You must complete the following steps if you want to delete a specific Identity Provider (IdP) user from the virtual cluster. Perform these steps for each user that you want to delete from the virtual cluster.

  1. If you already downloaded the utility script and uploaded it to an Cloudera Embedded Container Service or HDFS gateway cluster host as documented in Creating virtual clusters, you can skip to step 7.
  2. Download cde-utils.sh to your local machine.
  3. Create a directory to store the files, and change to that directory: 
    mkdir -p /tmp/cde-utils && cd /tmp/cde-utils

  4. Cloudera Embedded Container Service

    Copy the extracted utility script (cde-utils.sh) to one of the Cloudera Embedded Container Service cluster hosts. To identify the Cloudera Embedded Container Service cluster hosts:

    1. Log in to the Cloudera Manager web interface.
    2. Click Clusters tab.
    3. Click the relevant Cloudera Embedded Container Service cluster from the list of the clusters displayed.
    4. Under Status, click Hosts link.
    5. Copy the script to the master host.
    Red Hat OpenShift Container Platform (OCP)

    Copy the extracted utility script (cde-utils.sh) and the OpenShift kubeconfig file to one of the HDFS service gateway hosts, and install the kubectl utility:

    1. Log in to the Cloudera Manager web interface.
    2. Go to Clusters > Base Cluster > HDFS > Instances.
    3. Copy the script to one of the Gateway hosts.
    4. Copy the OCP kubeconfig file to the same host.
    5. On that host, install the kubectl utility following the instructions in the Kubernetes documentation.
  5. On the cluster host that you copied the script to, set the script permissions to be executable: 
    chmod +x /path/to/cde-utils.sh
  6. Identify the virtual cluster endpoint:
    1. In the Cloudera Manager web UI, go to the Data Services page, and then click Open Cloudera Private Cloud Data Services.
    2. Click the Data Engineering tile.
    3. Select the Cloudera Data Engineering service containing the virtual cluster you want to activate.
    4. Click Cluster Details.
    5. Click JOBS API URL to copy the URL to your clipboard.
    6. Paste the URL into a text editor to identify the endpoint host. For example, the URL is similar to the following:
      https://dfdj6kgx.cde-2cdxw5x5.apps.ecs-demo.example.com/dex/api/v1

      The endpoint host is dfdj6kgx.cde-2cdxw5x5.apps.ecs-demo.example.com.

  7. Use the cde-utils.sh script to delete the user keytab from the virtual cluster hosts: 
    ./cde-utils.sh delete-user-in-virtual-cluster -h ***ENDPOINT_HOST*** -u ***USER***
    For example, using the psherman user, for the dfdj6kgx.cde-2cdxw5x5.apps.ecs-demo.example.com endpoint host:
    ./cde-utils.sh delete-user-in-virtual-cluster -h dfdj6kgx.cde-2cdxw5x5.apps.ecs-demo.example.com -u psherman
  8. Repeat these steps for all the users that you want to delete from the virtual cluster hosts.