Assign a Data Hub resource role to a group

You can assign a Data Hub resource role to a group to allow them to manage a specific Data Hub.

Required roles:
  • Owner or a role that allows administering the environment AND
  • One of the following: IamViewer or IamUser (required for listing users).
In order to assign a role, a user must have all rights from the role that they are planning to assign to another user; That is, a user can only assign a role higher than his own.
  1. Sign in to the CDP console.
  2. Navigate to the details page of your Data Hub cluster. This can be done in a few ways. For example:
    • From the CDP home page, click Data Hub Clusters and then click on the specific cluster.
    • From the CDP home page, click on Management Console, navigate to the Data Hub Clusters page, and then click on the specific cluster.
  3. From the Actions menu select Manage Access.
  4. Enter the name of the group in the text box.
  5. In the Update Resource Roles window, select the required resource role.
  6. Click Update Roles.

To assign a resource role to a group:

cdp iam assign-group-resource-role \
--group-name <value> \
--resource-role-crn <value> \
--resource-crn <value> 

To remove a resource role from a group:

cdp iam unassign-group-resource-role \
--group-name <value> \
--resource-role-crn <value> \
--resource-crn <value>
  • The resource-role-crn parameter requires the CRN of the resource role you want to assign to the group.
  • The resource-crn parameter requires the CRN of the resource on which you want to grant the resource role permissions.

To get a list of the resource roles assigned to a group:

cdp iam list-group-assigned-resource-role \
--group-name <value>