Skip to content

Group <> User role sync

The Group <> User role sync package assigns role to users based on the Atlan group they belong to.

Configuration

  • Selection mode: whether to match the groups by name or regex match.
    • List: if the name (display name) of the group is used to fill Admin Group, Member Group and Guest Group.
    • Regex: if a regex is used to fill Admin Group, Member Group and Guest Group. All groups that match the regex expression will be used.
  • Admin Group: Name (display name) or regex matching expression of the Atlan groups (comma separated) that contain users with admin role. The package updates the role of the users belonging to these groups to admin.
  • Member Group: Name (display name) or regex matching expression of the Atlan groups (comma separated) that contain users with member role. The script updates the role of the users belonging to these groups to member.
  • Guest Group: Name (display name) or regex matching expression of the Atlan groups (comma separated) that contain users with guest role. The script updates the role of the users belonging to these groups to guest.

What it does

  1. Fetch all users that belongs to the groups specified in Admin Group, Member Group and Guest Group.
  2. Assign a role to users based on the group they belong to:
    • admin role to all users belonging to Admin Group
    • member role to all users belonging to Member Group
    • guest role to all users belonging to Guest Group

If a user is assigned to more than one of the specified group, the more restricted role is assigned. Example: if a user belongs to both the Admin Group and the Guest Group, the guest role is assigned.