Skip to main content

Manage role

Roles provide differential access rights to users for managing and accessing organizations and projects. Roles are broadly divided into organizational-level and project-level, and multiple roles can be assigned to a user. For example, a user with the Org Admin role can also take on a specific project member role. The role management functions described in this document are only available to users assigned the following IAM roles.

Manage IAM role

FunctionOrg OwnerOrg AdminOrg ReaderProject AdminProject MemberProject Reader
Add Organization Role     ✓                     
Delete Organization Role
Transfer Org Owner role
Add project members and
roles
Change project role
Remove project member
View project members

Manage organization-level role

Organization-level roles include Org Owner, Org Admin, Billing Admin, Billing Manager, Billing Viewer, Trail Viewer, and Alert Center Admin.
For billing service-related roles, higher-level roles encompass all the permissions of lower-level roles, but lower-level roles can also be added in addition to higher-level roles. For example, a Billing Manager role, which includes Billing Viewer permissions, can have the Billing Viewer role added.
Meanwhile, the Org Owner role must be held by one user account within the organization. Consequently, in the IAM (organizational-level) user list, the checkbox and the [Add Organization-level Role] and [Delete Organization-level Role] buttons for users with the Org Owner role are disabled. It's not possible to delete or add the Org Owner role; only direct transfer of the role by the Org Owner to another user is possible.
The organization-level roles are as follows:

Types of organization-level roles

Organizational-level roleDescription
Org Owner  The user who applied for organization creation
- Acquires the roles of Org Admin and Billing Admin
Org AdminRegistration and deletion of users, adding and deleting user roles, creating and deleting groups, project creation, etc.
- Includes Org Reader permissions
Org ReaderViews organization and project information, user information, IAM role information
Billing AdminManages billing and views invoices
- Includes Billing Manager permissions
Billing ManagerViews estimated charges for all projects
- Includes Billing Viewer permissions
Billing ViewerViews estimated charges for specified projects
Trail ViewerViews organizational level events in Cloud Trail
Alert Center AdminRegisters and views alerts and dispatch records of organizational events in Alert Center

Add organization-level role

Org Admin can add organization-level roles to specific users.

  1. Select the IAM menu from the KakaoCloud Console.

  2. In the Users tab, select the checkbox for the user to whom you want to add roles, and click the [Add Organization-level Role] button.

  3. In the popup, select the organizational level role to add, then click the [Next] button.

    CategoryDescription
    User InputEnter user ID if necessary
    Add Organizational-level RoleSelect organization-level role to be newly granted to the user
    - For more details, see the IAM roles.

  4. In the popup, check the user ID and the organization-level role to add, then click the [Add] button.

Remove organization-level role

Org Admin can remove organizational level roles from users.

  1. Select the IAM menu from the KakaoCloud Console.

  2. In the Users tab, select the checkbox for the user whose role you want to remove, and click the [Delete Organization-level Role] button.

  3. In the popup, select the checkbox for the role to delete and click the [Next] button.

    CategoryDescription
    User InputEnter user ID if necessary
    Delete Organization-level RoleSelect the organization-level role to delete from the user

  4. In the popup, check the user ID and the organization-level role to delete, then click the [Delete] button.

  5. Check the user list to ensure the user's Organization-level Role has been properly removed.

Transfer Org Owner role

Org Owners can delegate the Org Owner role to only one user account, and the roles of Org Owner, Org Admin, and Billing Admin are transferred together. The method for transferring the Org Owner role is as follows.

info

Transferring the Org Owner role should fundamentally be done through the KakaoCloud Console. If the existing Org Owner leaves without going through the role transfer process or in other unavoidable situations, please write an inquiry at the Helpdesk.

  1. Select the IAM menu from the KakaoCloud Console.
  2. In the Users tab, select the [More] icon for your own account > Transfer Org Owner Role.
  3. In the popup, enter the user ID to whom you're transferring the role, and click the [Transfer Role] button.
  4. Check the user list to confirm the changed roles.

Manage project-level role

Project level roles, which allow for management or access to projects, consist of Project Admin and Project Member. To manage project roles, members must first be added to the project.

Permission Notice

Org Admin or Project Admin are required for project role management. The method for addition and removal differs depending on whether it's an Org Admin or a Project Admin.

Project Role Types

Project RoleDescription
Project AdminAccesses and controls all resources within the project, manages project member roles
Project MemberAccesses and controls all or some resources within the project, as authorized
Project ReaderViews resources within the project for which they have permissions

Add project member and role

The method for adding users as project members differs for Org Admin and Project Admin.

  1. Select the IAM menu from the KakaoCloud Console.

  2. Under the Organization > Projects tab, select the project to which you want to add members.

  3. In the Project-level role tab, click the [Manage Project-level role] button.

  4. In the popup, enter the required information and click the [Next] button.

    CategoryDescription
    User InputEnter the user ID (email address) of the user to whom you're adding a project role
    - Users not belonging to the organization cannot be added to projects
    Project-level roleSelect the project role to grant to the user
    - For more details, see IAM roles.

  5. In the popup, check the ID and the project-level role to apply, then click the [Apply] button.

Change project-level role

The method for changing project roles among added users differs for Org Admin and Project Admin.

  1. Select the IAM menu from the KakaoCloud Console.

  2. Under the Organization > Projects tab, select the project containing the member whose role you want to change.

  3. In the Project-level role tab, select the [More] icon for the user > Manage Project-level role.

  4. In the popup, select the project level role to apply, then click the [Next] button.

    CategoryDescription
    User IDEnter the user ID (email address) of the user whose project role you're changing
    - If necessary, add more input
    Project-level roleSelect the project role to change
    - For more details, see IAM roles.

  5. In the popup, check the ID and the project-level role to apply, then click the [Apply] button.

Remove member from project

Removing a user from the project member list also deletes the user's project role. The user must have their project role added again to access the project. The method for removing a user from a project differs for Org Admin and Project Admin.

  1. Select the IAM menu from the KakaoCloud Console.

  2. Under the Organization > Projects tab, select the project from which you want to remove a member.

  3. In the Project-level role tab, click the checkbox for the user to remove, and click the [Remove] button.

  4. In the popup, check the ID and click the [Remove] button.

    CategoryDescription
    User IDEnter the user ID (email address) of the user to remove from the project

  5. Check the Project Members list to confirm the user has been removed.

Last updated on