Skip to main content

Manage users

View Markdown

Manage users

This page describes how to add, remove, and modify users in your Anyscale organization. You must be an organization owner to manage users.

For role definitions and permissions, see Roles and permissions.

To configure single sign-on (SSO), see Configure SSO for your Anyscale organization.

Add users to an organization

To invite users to your organization, do the following:

  1. Click your user icon.
  2. Click Users & IAM.
  3. Click Invite.
  4. Enter the email addresses of the invitees, separated by commas.
  5. Click Send invites.

Invitees receive an email with a link to register and join your organization.

Add users to a cloud

Organization owners must add users to each cloud to grant access. For cloud role definitions, see Cloud roles.

To add users to a cloud, do the following:

  1. Go to the Clouds page.
  2. Click the cloud you want to grant access to.
  3. Click Grant permission.
  4. Select users from the organization.
  5. Assign a role (collaborator, owner, or read-only).

Auto add users to a cloud

Cloud owners can enable auto add to grant all organization users cloud collaborator permissions automatically. When a new user joins the organization, Anyscale assigns cloud collaborator permissions within 30 seconds.

To enable auto add, do the following:

  1. Go to the Clouds page.
  2. Click the cloud name.
  3. Click Settings.
  4. Click Auto add users.
  5. Click to toggle the Auto add users setting.

You can also enable auto add with the CLI:

anyscale cloud update <cloud-name> --enable-auto-add-user
note

Disabling auto add users doesn't revoke existing permissions. It only stops automatic additions for new users.

Modify user roles

To change a user's organization role, do the following:

  1. Click your user icon.
  2. Click Users & IAM.
  3. Click Manage access.
  4. Find the user and click the edit icon Edit icon.
  5. Use the Select a base role dropdown to choose a role for the user.
  6. Click Save.
warning

Demoting an organization owner to collaborator removes all implicit permissions for clouds and projects. You must explicitly grant cloud roles to allow access.

Delete users

To remove a user from your organization, do the following:

  1. Click your user icon.
  2. Click Users & IAM.
  3. Select the users to remove.
  4. Click Delete. A confirmation displays.
  5. Click Delete to confirm.
warning

To delete an organization owner, first demote them to collaborator.

warning

If your organization uses SSO, also remove the user from your identity provider's Anyscale integration to fully restrict access.

What happens to resources created by deleted users?

Removing a user from an organization doesn't delete their workloads or resources:

ResourceBehavior
Workspaces, jobs, servicesRemain running. Duplicate to assume ownership.
SchedulesContinue until permission errors occur. Any user can resume and becomes the creator of subsequent jobs.
Projects, cloudsOrganization owner becomes the implicit owner and can transfer ownership.
note

If you re-invite a previously deleted user, they receive a new user ID. Previous roles and permissions don't restore automatically.