Skip to main content

Manage role

Roles provide differential access rights to users for managing and accessing organizations and projects. Roles are broadly divided into organizational-level and project-level, and multiple roles can be assigned to a user. For example, a user with the Org Admin role can also take on a specific project member role.

The role management described in this document is only available to users assigned the following IAM roles.

Manage IAM role

FunctionOrg OwnerOrg AdminOrg ReaderProject AdminProject MemberProject Reader
Add organization role     ✓                     
Delete Organization Role
Transfer Org Owner role
Add project members and
roles
Change project role
Remove project member
View project members

Manage organization role

Organization roles include Org Owner, Org Admin, Billing Admin, Billing Manager, Billing Viewer, Trail Viewer, and Alert Center Admin.
For billing service-related roles, higher-level roles encompass all the permissions of lower-level roles, but lower-level roles can also be added in addition to higher-level roles. For example, a Billing Manager role, which includes Billing Viewer permissions, can have the Billing Viewer role added.
Meanwhile, the Org Owner role must be held by one user account within the organization. Consequently, in the IAM (organizational-level) user list, the checkbox and the [Add Organization-level Role] and [Delete Organization-level Role] buttons for users with the Org Owner role are disabled. It's not possible to delete or add the Org Owner role; only direct transfer of the role by the Org Owner to another user is possible.
The organization roles are as follows:

Types of organization roles

Organizational-level roleDescription
Org Owner   The user who applied for organization creation
- Acquires the roles of Org Admin and Billing Admin
Org AdminRegistration and deletion of users, adding and deleting user roles, creating and deleting groups, project creation, etc.
- Includes Org Reader permissions
Org ReaderViews organization and project information, user information, IAM role information
Billing AdminManages billing and views invoices
- Includes Billing Manager permissions
Billing ManagerViews estimated cost and bills for all projects
- Includes Billing Viewer permissions
Billing ViewerViews estimated cost and resource usages for all projects
Trail ViewerViews organizational level events in Cloud Trail
Alert Center AdminRegisters and views alerts and dispatch records of organizational events in Alert Center

Add organization role

Org Admin can add organization roles to specific users.

  1. Go to KakaoCloud Console > Management > IAM.

  2. In the User menu, select a user and click the [More] icon > Add organization role.

  3. In the popup, select the role to add and click the [Next] button.

  4. In the popup, check the information and click the [Add] button.

Remove organization role

Org Admin can remove organizational-level roles from users.

  1. Go to KakaoCloud Console > Management > IAM.
  2. In the User menu, select a user and click the [Delete organization role] button.
  3. In the popup, select the role to delete and click the [Next] button.
  4. In the popup, check the information and click the [Delete] button.

Transfer Org Owner role

Org Owners can delegate the Org Owner role to only one user account, and the roles of Org Owner, Org Admin, and Billing Admin are transferred together. The method for transferring the Org Owner role is as follows.

info

Transferring the Org Owner role should fundamentally be done through the KakaoCloud Console. If the existing Org Owner leaves without going through the role transfer process or in other unavoidable situations, please write an inquiry at the Helpdesk.

  1. Go to KakaoCloud Console > Management > IAM.
  2. In the User menu, select the [More] icon > Transfer Org Owner role.
  3. In the popup, enter the user ID to transfer the role, and click the [Transfer role] button.
  4. Check the user list to confirm the changed roles.

Manage project role

Project roles, which allow for management or access to projects, consist of Project Admin and Project Member. To manage project roles, members must first be added to the project.

Permissions

Org Admin or Project Admin are required to manage project roles.

Type of project role

Project RoleDescription
Project AdminAccesses and controls all resources within the project, manages project member roles
Project MemberAccesses and controls all or some resources within the project, as authorized
Project ReaderViews resources within the project for which they have permissions

Add project member and role

The method for adding users as project members differs for Org Admin and Project Admin.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Click the Project menu and select a project.

  3. In the Project role tab, click the [Manage project role] button.

  4. In the popup, enter the required information and click the [Next] button.

    CategoryDescription
    User IDEnter the user ID (email address) of the user to whom you're adding a project role
    - Users not belonging to the organization cannot be added to projects
    Project roleSelect the project role to grant to the user
    - For more details, see IAM role.

  5. In the popup, check the information and click the [Apply] button.

Change project role

The method for changing project roles among added users differs for Org Admin and Project Admin.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Go to Project menu, select a project.

  3. In the Project role tab, select the [More] icon > Manage project role.

  4. Select the project role to apply, then click the [Next] button.

    CategoryDescription
    User IDEnter the user ID (email address) of the user whose project role you're changing
    - If necessary, add more input
    Project roleSelect the project role to change
    - For more details, see IAM role.

  5. In the popup, check the ID and the project role to apply, then click the [Apply] button.

Remove member from project

Removing a user from the project member list also deletes the user's project role. The user must have their project role added again to access the project. The method for removing a user from a project differs for Org Admin and Project Admin.

  1. Go to KakaoCloud Console > Management > IAM.

  2. On the Project menu, select a project.

  3. In the Project role tab, select a user to remove and click the [Remove] button.

  4. In the popup window, check the ID and click the [Remove] button.

    CategoryDescription
    User IDEnter the user ID (email address) of the user to remove from the project

  5. Check the list to confirm the user has been removed.