All Products
Search
Document Center

MaxCompute:Assign a built-in administrator role to a user

Last Updated:Jun 21, 2026

Super_Administrator and Admin are built-in administrator roles in MaxCompute. To streamline authorization, you can assign these roles directly to users, which grants them all the associated permissions.

Background information

MaxCompute provides the following built-in administrator roles.

Built-in role

Authorizer

Authorization method

project-level Super_Administrator role

project owner

project-level Admin role

Authorization via MaxCompute client

Assume that an Alibaba Cloud account Bob@aliyun.com is the project owner of test_project_a, and Allen is a RAM user that belongs to the Alibaba Cloud account Bob@aliyun.com. Follow these steps to assign the Super_Administrator role to Allen:

  1. USE test_project_a;
  2. ADD USER RAM$Bob@aliyun.com:Allen;
  3. GRANT super_administrator TO RAM$Bob@aliyun.com:Allen;

Authorization via DataWorks

Assume that an Alibaba Cloud account Bob@aliyun.com is the project owner of test_project_a, and Allen is a RAM user that belongs to the Alibaba Cloud account Bob@aliyun.com. Follow these steps to assign the Super_Administrator role to Allen:

  1. Log on to DataWorks. On the Workspace page, select the target workspace from the drop-down list in the upper-left corner.

  2. Add Allen as a workspace member.

    1. In the navigation pane on the left, click Workspace Members and Roles to go to the Workspace Members tab.

    2. In the upper-right corner, click Add Members.

    3. In the Add Members dialog box, select Allen from the Available Accounts list to add it to the Selected Accounts list.

    4. Select roles and click Confirm.

  3. Assign the Super_Administrator or Admin role to Allen.

    Note

    The following steps apply to an earlier version of the console. If you are using the new version, see Manage user permissions in the console.

    1. In the navigation pane on the left, click MaxCompute Advanced Settings.

    2. On the MaxCompute Advanced Settings page, in the navigation pane on the left, click Custom User Roles.

    3. Next to the role that you want to assign, click Manage Members. In the dialog box that appears, select Allen from the Available Accounts list to add it to the Selected Accounts list.

    4. Click OK to assign the role.