Cloudera Docs

Adding project collaborators

Learn how you can add collaborators to a project.

For projects created under your personal account, you can add anyone from your organization as a collaborator. Howevere, for projects created under a team account, you can only add collaborators who are already members of that team. If your project requires collaborators from multiple teams, create a new team with the necessary members, and then create the project under that team account. Additionally, if your project was created from a Git repository, each collaborator must create the project using the same central Git repository.

You can assign one of the following access levels to project collaborators:

  • Viewer - The Viewer has read-only access to code, data, and results.
  • Operator - The Operator has read-only access to code, data, and results. Additionally, Operators can start and stop existing jobs in the projects that they have access to.
  • Contributor - The Contributor can view, edit, create, and delete files and environmental variables, run sessions, experiments, jobs or models and run code in running jobs. Additionally, Contributors can set the default engine for the project.
  • Administrator - The Administrator has complete access to all aspects of the project. This includes the ability to add new collaborators, and delete the entire project.
Adding Teams as collaborators
Administrators, owners, contributors or operators can add a team as a collaborator to a project. Teams can be added to both team projects or to individual projects. When a team is added, two permission modes are available:
  • Inherit mode - If team members are already part of the project, their permissions are upgraded to match the permissions they have within the team.
  • Override mode - The permissions assigned to the team are uniformly applied to all team members, regardless of any individual permissions they may already have on the project.

Collaborating securely on projects

Before adding project collaborators, it is important to note that assigning the Contributor or the Administrator role to a project collaborator effectively grants them write access to your data in Cloudera. This is because project contributors and project administrators have write access to all project code, including any library code that you might not be actively reviewing. For example, a Contributor or Administrator can modify project file(s) to include code that deletes data on the Cloudera cluster. If you later launch a session and run the modified code, it may appear as though you were the one who deleted the data.

Additionally, project collaborators have access to all active sessions and jobs. This means a malicious user can potentially impersonate you by accessing one of your active sessions. Therefore, it is crucial to limit project access to trusted collaborators only. To mitigate this risk, Site Administrators can enforce restrictions by allowing only session creators to execute commands within their own active sessions.

For these reasons, Cloudera recommends using Git for secure collaboration on shared projects. Git not only enhances security, but also helps prevent file modification conflicts, especially when your team is working on complex projects.

  1. In the Cloudera console, click the Cloudera AI tile.
    The Home page displays.
  2. Select the required Workbench.

    The Cloudera AI Workbench page displays.

  3. Click Projects in the left navigation pane and select the required project.
  4. Go to Collaborators, and enter the user ID in the Search box.
  5. Choose the User ID, and click Add. The user or team is added with their role displayed.