---
title: How to Attach a Role to a User
url: https://docs.vultr.com/platform/iam/roles/how-to-attach-a-role-to-a-user
description: Attach an IAM role directly to a user on Vultr. The user receives all permissions from the role's attached policies through the Vultr IAM system immediately.
publish_date: 2026-03-24T19:52:36.696152Z
last_updated: 2026-06-01T21:29:28.473492Z
---

Attaching a role to a user grants them all permissions defined by the policies within that role. This allows you to manage user access by assigning predefined permission sets rather than configuring individual policies for each user.

Follow this guide to attach a role to a user using the Vultr Console, the Vultr API, or Terraform.

=== "Vultr Console"

    1. Log in to the [Vultr Console](https://console.vultr.com).
    1. Click the organization name in the top navigation bar.
    1. Click **Manage Organization**.
    1. Click the **Roles** tab.
    1. Click the name of the role you want to attach.
    1. In the **Attached Entities** section, click the **+** button.
    1. Search for and select the users you want to attach to this role.
    1. Click **Attach Entities**.

        The selected users appear in the Attached Entities list and inherit the role's permissions.

=== "Vultr API"

    1. Send a `GET` request to the [**List Roles** endpoint](https://www.vultr.com/api/#tag/iam/operation/list-iam-roles) to retrieve all roles in your organization.

        ```console
        $ curl "https://api.vultr.com/v2/roles" \
            -X GET \
            -H "Authorization: Bearer ${VULTR_API_KEY}"
        ```

        Note the `id` of the role you want to attach.

    1. Identify the `user_id` of the target user. Follow the steps in [How to List All Users in an Organization](https://docs.vultr.com/platform/iam/organizations/how-to-list-all-users-in-an-organization) to retrieve user IDs.

    1. Send a `POST` request to the [**Attach Role to User** endpoint](https://www.vultr.com/api/#tag/iam/operation/assign-iam-user-to-role) to attach the role. Replace `{role-id}` with the role id and `{user-id}` with the user id.

        ```console
        $ curl "https://api.vultr.com/v2/roles/{role-id}/users/{user-id}" \
            -X POST \
            -H "Authorization: Bearer ${VULTR_API_KEY}"
        ```

        A successful request returns an HTTP `201 Created` response.

=== "Terraform"

    There is no dedicated role-user attachment resource. Add the role ID to the `roles` field of the `vultr_user` resource.

    1. Ensure the [Vultr Terraform provider](https://registry.terraform.io/providers/vultr/vultr/latest/docs) is configured in your Terraform project.

    1. Add the role ID to the `roles` list in the user resource definition.

        ```hcl
        resource "vultr_user" "new_user" {
          name     = "USER-NAME"
          email    = "USER-EMAIL"
          password = "STRONG-PASSWORD"
          roles    = [vultr_organization_role.my_role.id]
        }
        ```

    1. Apply the configuration.

        ```console
        $ terraform apply
        ```

        Verify that the output shows `vultr_user.new_user: Modifications complete`.