Enabling admin and user access to Data Hubs

Data Hub resource roles can be assigned on the scope of a specific Data hub cluster.

When you grant access to admins and users of a Data Hub, consider the following guidelines:

  • Any user or group that needs to access a specific Data Hub needs the EnvironmentUser role at the scope of the environment where that Data Hub is running.
  • A user with the DataHubCreator (or higher) account role can create Data Hubs.
  • The user who creates a Data Hub gets the Owner role for that Data Hub.
  • The Owner of the Data Hub cluster can grant others access to the cluster. The following roles can be assigned:
    • Owner - Grants the permission to mange the Data Hub cluster in CDP and delete it. It does not grant any cluster-level access (such as access to Cloudera Manager).
    • DataHubAdmin (Technical Preview) - Grants administrative rights over the Data Hub cluster.

The roles are described in detail in Resource roles. The steps for assigning the roles are described in Assigning resource roles to users and Assigning resource roles to groups.