Manage Group Access
The Roles tab lets you view and manage the permissions that are available to the members of a group. Group members inherit permissions based on the roles that are assigned to the group in one or more projects.
You can also use groups to grant group members access to a project by adding the group directly to the project team. For more information, see Manage the Project Team.
View Access Permissions of a Group
The access permissions for a group are displayed on the Roles tab of the group profile. Here, you can view which roles are assigned to the group.
The list displays each role that is assigned to the group and the number of projects in which the group is granted this level of access.
Beneath each role is a list of projects in which this role is granted.
The sidebar displays the set of permissions that are assigned to the selected role.
To view the access rights for a group:
Open the Roles tab of the group profile.
Use the search box to filter the list by a role, project, or even a particular permission to find out if the group has the required access to a resource or operation.
Grant a Role to a Group
You can grant a role to a group directly. Members of the group are granted all access permissions assigned to this role.
To assign an individual role to a group:
In the Access Management section of the Administration menu, select .
In the list of user groups, locate a group that you want to assign a role to and click its name to open the group profile.
Select the Roles tab.
Click the Grant role button.
In the Grant Role sidebar, choose a role that you want to assign to the group.
Select a project where you want to apply the role. If you want to apply the role to all projects in Hub, select the Global project.
- Click the Grant role button.
The selected role is granted to the user group and all its permissions are granted to the users who are members of the group.
Revoke a Role from a Group
If a group of users no longer requires access that is granted by a role, you can revoke the role assignment. This procedure only applies to roles that are assigned directly to a group. If a role is granted to a group as a subgroup of another group, you have two options:
Revoke the role from the parent group.
Remove the subgroup from the parent group by nesting it under the All Users group.
To revoke a role from a group:
In the Access Management section of the Administration menu, select Groups.
Use the search box to find the desired group.
Select a group from the list.
Select the Roles tab.
Locate the role assignment that you want to remove from the selected group. Use the search box to locate a role by name, project, or permission.
Under the role assignment, select the project in which the role is granted.
Click the Revoke role button.
- Confirm the action in the confirmation dialog.
The role is revoked from the group in the selected project.
Members of the group lose the permissions that are assigned to the role in the project.