Skip to content

User/Groups/Roles

Manage data access for users, groups, and roles.

Users#

Data access users are identified in the creation and definition of Resource Policies. Users may be included or excluded specifically or in groups.

  • User Source value reflects the method of their creation or import (source).

    • Internal users - created within your Access Management account. Adninistrative users are Users: 'admin', 'rangerusersync', 'keyadmin', 'rangertagsync', and '{OWNER}' are created by the system.

    • External users:

      • A data access user with the same username as the first 'Administrator'/ Portal user;

      • A 'service' user for each data resource service (e.g. 'hive', 's3', ...);

      • Users imported User Sync with an LDAP or Active Directory. ​

  • Visibility indicates if a user is listed when creating or editing a Policy in Access Management: Resource Policies. If a user is Visible, they will be found and selectable under "Select User" column.  If a user is Hidden, they will not be selectable. This is useful when your account has been synchronized with a user directory with a large number of users. Visibility may be set by selecting a user object row (on the left side of the table, and using the 'Visibility' action (between +Add and Delete).

  • User Role here is one of ('User', 'Administrator', or 'Auditor').  Note that this user Role is different than the custom Roles defined in the User Management: Roles tab.

Use the Search control to limit displayed objects those matching a specific value.  First select a column name, then a value. The table will be filtered to show only those objects that match the value. Users objects may be added, edited, or deleted.

Add Users#

  1. From the home page, click Access Management > Users/Groups/Roles

  2. Select the Users tab and click +Add. The Add User pop-up displays.

  3. Enter the user details.

  4. Click Save.

Edit Users#

  1. From the home page, click Access Management > Users/Groups/Roles

  2. Under the Users tab, select the User and click the pen icon in the Actions column.

  3. Modify the user details.

    Note: For external users, you can only edit the user role and password.

  4. Click Save.

Groups#

Use groups to manage multiple users with similar data access needs. A user can belong to more than one group.

Add Groups#

  1. From the home page, click Access Management > Users/Groups/Roles

  2. Select the Groups tab and click +Add. The Add User pop-up displays.

  3. Enter the group details.

  4. Click Save.

Edit Groups#

To edit the user, use the following steps:

  1. From the home page, click Access Management > Users/Groups/Roles

  2. Select the Groups tab.

  3. Select the group and click the pen icon in Actions column.

    Note: You can edit only the description.

  4. Click Save.

Roles#

Assign roles to users based on job functions.

Add Roles#

  1. From the home page, click Access Management > Users/Groups/Roles.

  2. Select the Roles tab and click +Add.

  3. Enter the role details and click Save.

Edit Roles#

  1. From the home page, click Access Management > Users/Groups/Roles

  2. Select the Roles tab.

  3. Select the role and click the pen icon in Actions column.

  4. Click Save.


Last update: July 23, 2021