Removing account roles from a group
When you unassign a role to a group, the role is also unassigned to all user and machine user accounts in the group.
Required role: PowerUser
Steps
-
Sign in to the Cloudera console.
-
From the Cloudera home page, click Cloudera Management Console.
-
In the User Management section of the side navigation panel, click Groups.
The Groups page displays the list of all Cloudera groups.
-
Click the name of the group to which you want to assign a role.
The group details page displays information about the group.
-
Click the Roles tab.
-
From the context menu to the right of a role, click Unassign role.
-
Click OK to confirm that you want to remove the role permissions from the group.
To remove a role from a group:
cdp iam unassign-group-role \
--group-name <value> \
--role <value>
The role parameter requires the CRN of the Cloudera role.
To get a list of the roles assigned to a group:
cdp iam list-group-assigned-roles \
--group-name <value>
What to do next
You need to perform user sync for the change to take effect. See Performing user sync.