Assign a shared resource role to a user
You can assign shared resources such as credentials, clusters templates, recipes, image catalogs, or proxies to users and machine users. To assign a shared resource to a user or a machine user, assign a specific resource role on the scope of the specific shared resource.
Required roles:
In order to assign a role, a user must have all rights from the role that they are planning
to assign to another user; That is, a user can only assign a role higher than his own.Use the following commands to assign a resource to a user or a machine user:
cdp iam assign-user-resource-role \
--user-name <value> \
--resource-role-crn <value> \
--resource-crn <value>
cdp iam assign-machine-user-resource-role \
--machine-user-name <value> \
--resource-role-crn <value> \
--resource-crn <value>
To remove a resource role from a user or a machine user:
cdp iam unassign-user-resource-role \
--user-name <value> \
--resource-role-crn <value> \
--resource-crn <value>
cdp iam unassign-machine-user-resource-role \
--machine-user-name <value> \
--resource-role-crn <value> \
--resource-crn <value>
To get a list of the resource roles assigned to a user or a machine user:
cdp iam list-user-assigned-resource-role \
--user-name <value>
cdp iam list-machine-user-assigned-resource-role \
--machine-user-name <value>