Assigning account roles to users
Assign account roles to a Cloudera user to manage the tasks that the user can perform in Cloudera. You can assign multiple roles to users or machine users to provide them with the permissions they need to perform their required tasks.
Required role: PowerUser
Steps

- Sign in to Cloudera.
- From the Cloudera home page, click Cloudera Management Console.
- Click User Management.The Users page displays the list of all Cloudera users.
- Click the name of the user to whom you want to assign a role.The user details page displays information about the user.
- Click the Roles tab.
- Click Update Roles.
- On the Update Roles window, select the roles you want to assign to the user.To remove a role from the user account, clear the selected role.
- Click Update.The roles that you select displays in
the list of roles assigned to the user.
To remove a role from a user account, click check box next to the assigned role that you want to remove. Click Update to confirm that you want to revoke the role permissions.
You can use the following command to assign a role to a user or a machine user:
cdp iam assign-user-role \
--user-name <value> \
--role <value>
To remove a role from a user or a machine user:
cdp iam unassign-user-role \
--user-name <value> \
--role <value>
cdp iam unassign-machine-user-role \
--machine-user-name <value> \
--role <value>
The --role parameter requires the CRN of the Cloudera role. You
can use the cdp iam list-roles
command to list resource roles with role
CRNs.
To get a list of the roles assigned to a group:
cdp iam list-user-assigned-roles \
--user-name <value>
cdp iam list-machine-user-assigned-roles \
--machine-user-name <value>
What to do next
You need to perform user sync for the change to take effect. See Performing user sync.