Add members to a project
In Amazon DataZone, projects enable a group of users to collaborate on various business use cases that involve publishing, discovering, subscribing to, and consuming data assets in the Amazon DataZone catalog. For more information, see Amazon DataZone terminology and concepts.
You must be a project owner or contributor to add members to a project. You can add SSO groups, SSO users, or IAM principals (roles or users) as project members.
To add members to an exiting project, complete the following steps.
-
Navigate to the Amazon DataZone data portal URL and sign in using single sign-on (SSO) or your AWS credentials. If you’re an Amazon DataZone administrator, you can navigate to the Amazon DataZone console at https://console.aws.amazon.com/datazone
and sign in with the AWS account where the domain was created, then choose Open data portal. -
Choose Select project from the top navigation pane and select the project.
-
Choose the project to which you want to add memebrs. If you don't readily see it in the list of projects, you can search for it by specifying the project name in the Find project field.
-
On the project's details page, select the Members tab and the choose All members node.
-
In the project Members tab, choose Add members.
-
In the Add members to project pop up window, specify the user(s) that you want to add and specify their role within the project (owner, contributor, consumer, steward, or viewer) and then choose Add members.
Important
You can only add those users as project members who are authorized to be members of this project by the project membership authorization policy that is configured for the domain unit in which this project lives. For more information, see Assign authorization policies to users and groups within an Amazon DataZone domain unit .
Note
You can add an IAM principal as a project member if that principal already has a
Amazon DataZone user profile in the domain. Amazon DataZone automatically creates a user
profile for an IAM principal when it successfully interacts with the domain via the
portal, API, or CLI. You cannot create a user profile for an IAM principal. To add
IAM principals as project members in the case where the IAM principal does not have
an existing Amazon DataZone user profile in the domain, ask your administrator to add the
following two IAM permissions to your domain’s
AmazonDataZoneDomainExecutionRole in the IAM console:
iam:GetUser
and iam:GetRole
. Separately, to perform
actions in the domain, the IAM principal must have the corresponding IAM permissions
to such actions.