Managing Users and Groups
This feature is only available to Admins.
Create and manage users and groups on your Conductor cluster, so as to ensure secure access.
Users
A user represents a human user that interacts with Conductor. Users are authenticated using SSO providers or email/password. Each user has one or more roles assigned to them.
Adding users
Users must be added to your Orkes Conductor cluster before they can sign up or log in.
To add a user to your cluster:
- In the left navigation menu, go to Access Control > Users.
- Select (+) Create user.
- Enter the following details:
| Field | Description |
|---|---|
| User Id | The user’s email address. This cannot be changed later. |
| Name | The username. |
| Roles | The user’s role(s), which governs the basic access level for the user. The available roles are:
|
| Groups | The groups that the user should be part of. This provides additional group-level permissions to the user. |
- Select Save.
Editing user information
You can edit a user’s name, role, or group anytime.
To edit a user:
- In the left navigation menu, go to Access Control > Users.
- Select the Edit button located next to the user.
- Update the user’s name, roles, or groups as desired.
- Select Save.
Deleting users
To delete a user from your cluster:
- In the left navigation menu, go to Access Control > Users.
- Select the Delete icon located next to the user.
- Confirm the action by entering the user’s ID and selecting Confirm.
Groups
A group is a set of users. Groups are a way to quickly share roles and permissions among multiple users.
When a user is added to a group, the user automatically inherits the roles and permissions of a group. Likewise, when a user is removed from a group, the roles and permissions are automatically removed from the user.
Read Only Users cannot be added to any groups.
Configuring groups
To configure a group:
- Create a group.
- In the left navigation menu, go to Access Control > Groups.
- Select (+) Create group.
- Enter the following details:
| Field | Description |
|---|---|
| Name | A name to identify your group. For example, “Engineering”. This cannot be changed later. |
| Description | A description of the group. |
| Default group role | Optional. The role(s) that all members of the group will inherit, on top of their individually defined role(s). The available roles are:
|
iv. Select Save.
The group has been created. You can proceed to add members or permissions to the group.
Add members to the group.
- In the Members section, select + Add User to add an existing user to the group. If the user you are looking for does not exist, you must first add them to your cluster.
Add permissions to grant group-level access to resources.
- In the Permissions section, select + Add Permission.
- Toggle between each resource type and select the resources to provide access to.
- Toggle the access levels for your selected resource:
- Read—Users will be able to view the resource.
- Update—Users will be able to update the resource.
- Execute—Users will be able to execute the resource.
- Delete—Users will be able to delete the resource.
All group members will now have these roles and permissions, on top of their existing user-based permissions.
- In the Permissions section, select + Add Permission.
You can grant permissions to tags, rather than to individual resources. Tags can be added to multiple resources, so that when you grant a permission to a tag, it instantly provides access to all tagged resources. Learn more about tags in Managing Tags.
Editing group information
You can edit a group’s description, default roles, members, or permissions anytime.
To edit a group:
- In the left navigation menu, go to Access Control > Groups.
- Select the group name or the Edit icon located next to the group name.
- Update the group’s description, roles, members, or permissions as desired.
Deleting groups
To delete a group:
- Select the Delete icon located next to the group name.
- Confirm the action by entering the group name and selecting Confirm.