Cloudera machine user

A machine user account provides programmatic access to Cloudera. Create a machine user account if you have an application that needs to access the Cloudera services with Cloudera Management Console APIs.

You can define the machine user account in your application to create and manage clusters and run jobs in Cloudera using the CLI or API commands.

You can create and manage a machine user account within Cloudera. You must assign an API access key to a machine user account to enable it to access the Cloudera service. You must assign roles to a machine user account to authorize it to perform tasks in Cloudera.

A machine user account does not have an associated Cloudera user account. You cannot use a machine user to log in to the Cloudera console.

Machine users created in the control plane are not automatically created in the customer LDAP. Therefore you cannot use machine users to access data in the base cluster.

Use the following guidelines when you manage user accounts in Cloudera:

• When you create a machine user account, you assign roles and environments to the machine user account in the same way that you assign roles and environments to other user accounts.
• When you revoke permissions for a machine user, ensure that you remove all the roles that grant the permissions that you want to revoke. To revoke all permissions granted to a machine user account, complete the following steps:
  • Remove all roles assigned to the machine user.
  • Delete any access key created for the machine user.
• You can delete a machine user account in Cloudera. You can delete the machine user account on the Cloudera console.