Adding & Removing Users on Acquia Cloud | OpsBlu Docs

Adding & Removing Users on Acquia Cloud

How to add, remove, and manage users on Acquia Cloud Platform and Drupal — team invitations, Drupal accounts, and offboarding procedures.

Acquia user management spans two layers: the Acquia Cloud Platform (infrastructure access) and the Drupal application (CMS access). Both must be managed for proper onboarding and offboarding.

Adding Users to Acquia Cloud

Via the Cloud UI

  1. Log in to Acquia Cloud
  2. Navigate to Organization > Teams
  3. Select the team (or create one with Add Team)
  4. Click Add Member
  5. Enter the user's email address
  6. Select the team role: Admin, Senior Developer, or Developer
  7. Click Add to Team

The user receives an email invitation and must create an Acquia account if they do not already have one.

Via the Acquia Cloud API

# Add a user to a team via API
curl -X POST "https://cloud.acquia.com/api/teams/{team_uuid}/members" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "newuser@company.com",
    "roles": ["senior_developer"]
  }'

Adding Users to Drupal (CMS Layer)

Via the Drupal Admin UI

  1. Navigate to People > Add User (/admin/people/create)
  2. Fill in username, email, and password
  3. Select roles (e.g., Content Editor, Analytics Manager)
  4. Check Notify user of new account to send a welcome email
  5. Click Create new account

Via Drush CLI

# Create a new Drupal user with a specific role
drush user:create jsmith --mail="jsmith@company.com" --password="temppass123"
drush user:role:add "content_editor" jsmith

# Create user and send password reset email
drush user:create jsmith --mail="jsmith@company.com"
drush user:password jsmith --password=""
drush user:login --name=jsmith  # generates one-time login link

Removing Users

From Acquia Cloud

  1. Navigate to Organization > Teams
  2. Find the team containing the user
  3. Click the user's name, then Remove from Team
  4. Repeat for all teams the user belongs to

To remove from the organization entirely:

# Remove user from organization via API
curl -X DELETE "https://cloud.acquia.com/api/organizations/{org_uuid}/members/{member_uuid}" \
  -H "Authorization: Bearer $TOKEN"

From Drupal

  1. Navigate to People (/admin/people)
  2. Find the user (use the search/filter)
  3. Select the user's checkbox
  4. Choose Block the selected user accounts from the Action dropdown
  5. Click Apply to selected items

Blocking is preferred over deletion since it preserves content attribution. To fully delete:

# Block a user in Drush (preserves content)
drush user:block jsmith

# Cancel/delete a user (reassigns content to anonymous)
drush user:cancel --reassign-content jsmith

# Cancel and delete all their content
drush user:cancel --delete-content jsmith

Bulk User Management

Bulk Import via Drush Script

#!/bin/bash
# bulk-create-users.sh - Create users from a CSV file
# CSV format: username,email,role
while IFS=',' read -r username email role; do
  drush user:create "$username" --mail="$email"
  drush user:role:add "$role" "$username"
  echo "Created $username ($email) with role $role"
done < users.csv

Bulk Operations in Drupal UI

Navigate to People (/admin/people), select multiple users via checkboxes, and apply bulk actions:

  • Block/unblock selected accounts
  • Add/remove roles
  • Cancel selected accounts

SSO and LDAP Integration

Acquia Cloud SSO

Acquia supports SAML 2.0 SSO for Cloud Platform access:

  1. Navigate to Organization > Security Settings
  2. Enable SAML Single Sign-On
  3. Enter your IdP metadata URL (Azure AD, Okta, etc.)
  4. Map IdP attributes to Acquia roles
  5. Optionally enforce SSO-only login

Drupal LDAP/SSO Modules

For Drupal CMS-level SSO, install the appropriate module:

# Install SAML authentication module
composer require drupal/samlauth
drush en samlauth -y

# Or for LDAP
composer require drupal/ldap
drush en ldap_authentication ldap_servers -y

Configure at Configuration > People > SAML Authentication (/admin/config/people/saml).

Onboarding Checklist

Step Acquia Cloud Drupal CMS
Create account Invite via team Create at /admin/people/create
Assign role Set team role Assign Drupal role
Set up 2FA Required for Cloud Optional (module-dependent)
Grant environment access Add to appropriate team N/A (app-level)
Configure SSH keys Profile > SSH Keys N/A

Offboarding Checklist

  1. Remove from all Acquia Cloud teams
  2. Block (do not delete) the Drupal account to preserve content attribution
  3. Revoke any API tokens the user created (Profile > API Tokens -- user must do this, or an admin revokes org-level access)
  4. Remove SSH keys from Acquia Cloud profile
  5. If SSO is configured, disable the user in your IdP -- Acquia login is automatically blocked
  6. Audit content last edited by the user for any pending drafts
返回顶部