Cloudera user management

The Cloudera Management Console on premises includes a user management system that allows you to integrate your LDAP identity provider and manage user access to Cloudera resources.

When Cloudera on premises is installed, a Cloudera account administrator user is created. A Cloudera account administrator has all privileges and can perform any task in Cloudera. Administrators can create other administrators by assigning the EnvironmentAdmin role to users. Cloudera users with the EnvironmentAdmin role can also register environments and create Data Lake clusters.

The Cloudera Management Console on premises also enables account administrators to federate access to Cloudera by configuring an external LDAP identity provider. Cloudera users can include users synched with an external LDAP identity provider, or machine users. Machine users can be assigned roles and resource roles, but cannot log in to the web console.