| title |
|---|
Adding Users to Clusters |
If you want to provide a user with access and permissions to all projects, nodes, and resources within a cluster, assign the user a cluster membership.
:::tip
Want to provide a user with access to a specific project within a cluster? See Adding Project Members instead.
:::
There are two contexts where you can add cluster members:
-
Adding Members to a New Cluster
You can add members to a cluster as you create it (recommended if possible).
-
Adding Members to an Existing Cluster
You can always add members to a cluster after a cluster is provisioned.
Cluster administrators can edit the membership for a cluster, controlling which Rancher users can access the cluster and what features they can use.
-
Click ☰ > Cluster Management.
-
Go to the cluster you want to add members to and click ⋮ > Edit Config.
-
In the Member Roles tab, click Add Member.
-
Search for the user or group that you want to add to the cluster.
If external authentication is configured:
-
Rancher returns users from your external authentication source as you type.
:::note Using AD but can't find your users?
There may be an issue with your search attribute configuration. See Configuring Active Directory Authentication: Step 5.
:::
-
A drop-down allows you to add groups instead of individual users. The drop-down only lists groups that you, the logged in user, are part of.
:::note
If you are logged in as a local user, external users do not display in your search results. For more information, see External Authentication Configuration and Principal Users.
:::
-
-
Assign the user or group Cluster roles.
:::tip
For Custom Roles, you can modify the list of individual roles available for assignment.
- To add roles to the list, Add a Custom Role.
- To remove roles from the list, Lock/Unlock Roles.
:::
Result: The chosen users are added to the cluster.
- To revoke cluster membership, select the user and click Delete. This action deletes membership, not the user.
- To modify a user's roles in the cluster, delete them from the cluster, and then re-add them with modified roles.