Cloud account access control determines which groups in your organization can use a cloud account to provision networks and start clusters. By default, a newly created cloud account is not shared with any group.
Persona
The steps included on this page should be completed by an administrator in your organization.
Access is managed through a single permission type called network. When a group is granted the network permission for a cloud account, members of that group can create and manage networks under that account and use those networks when starting clusters.
There are two ways to share a cloud account:
Resource Type Access
As of v7.0.0, available resource types are automatically determined by cloud account access. If a group has the network permission on at least one cloud account for a given cloud service provider, that CSP's resource types are available to the group.
To manage which groups can use a cloud account:
To grant access to all groups at once, check the network checkbox in the Organization row. When organization-wide access is enabled, all individual group checkboxes are automatically checked and disabled because access is inherited from the organization setting.
To grant access to individual groups, leave the Organization row unchecked and check the network checkbox next to each group that should have access.
After adjusting the checkboxes, click Save Access to apply the changes. A confirmation message will appear once the update is saved.
You can see the current sharing status of a cloud account on its detail page under the Shared with field in the Account Details section. This field shows one of the following:
