Manage user access to organizations and projects.
Grant Users Access to Organizations or Projects
Important: When assigning roles to users, follow the principle of least privilege and grant the minimum permissions required to carry out the given task.
Note: Within the organization, users should contact their organization's IAM Admin or the Company Admin to get the roles assigned to the organization's resources. IAM Admin or Company Admin are the only authorized persons to assign roles to their organization's users.
To assign roles to users:
-
Sign in to the Identity & Access Management portal as an IAM Admin user.
-
Click Users.
-
Select an organization or a project:
Click the Context Switcher drop-down list, select an organization or a project, then click Go.
-
Select the users to assign role within the Organization or Project.
Important: Only users with assigned roles will be shown; to assign roles to users with no existing roles, you MUST search for the user using either First Name / Last Name or username. You can also search for a user in a different organization within the same rootOrg by searching for the exact username of that user.
Click Grant Access.
Tip: You can select multiple users to grant access by ticking the checkbox next to the users.
Note: For resellers, to view their users from end customer organizations, they will need to select the end customer organization in the context switcher. From there, they can then grant access to these users at the end customer organization level.
-
(For Projects), select Assign Role on a Project.
Click Next.
For Organizations, you can skip to the next step.
-
Select the roles to grant to user.
Click Next
. -
Review the role assignment.
Note: Role assignment is inherited by all the nodes within the selected organization or project. See Inheritance.
Click Submit.
Manage User's Role
From the user details page, this function allows you to add or remove a user's roles from a resource. Refer to Manage User's Role.
Related Topics
