Assigning account-level roles to users

Assign account-level roles to a CDP user to manage the tasks that the user can perform in CDP. You can assign multiple roles to users or machine users to provide them with the permissions they need to perform their required tasks.

Steps

Management Console UI

  1. Sign in to the CDP console.
  2. Click Management Console.
  3. Click User Management.

    The Users page displays the list of all CDP users.

  4. Click the name of the user to whom you want to assign a role.

    The user details page displays information about the user.

  5. Click the Roles tab.
  6. Click Update Roles.
  7. On the Update Roles window, select the roles you want to assign to the user.

    To remove a role from the user account, clear the selected role.

  8. Click Update.

    The roles that you select displays in the list of roles assigned to the user.

    To remove a role from a user account, click check box next to the assigned role that you want to remove. Click Update to confirm that you want to revoke the role permissions.

CLI

You can use the following command to assign a role to a user or a machine user:
cdp iam assign-user-role \
--user-name <value> \
--role <value>
To remove a role from a user or a machine user:
cdp iam unassign-user-role \
--user-name <value> \
--role <value> 
To get a list of the roles assigned to a group:
cdp iam list-user-assigned-roles \
--user-name <value>
cdp iam list-machine-user-assigned-roles \
--machine-user-name <value>