efa auth rolemapping

Assigns EFA roles to a user or an LDAP group.

Syntax

efa auth rolemapping add {--name user-name --role efa-role --type user-type}
efa auth rolemapping show
efa auth rolemapping remove--id id

Parameters

--name user-name
Specifies the user name or the LDAP group name.
--role efa-role
Specifies the role that you want to assign. One of the following: FabricAdmin, SecurityAdmin, NetworkOperator, SystemDebugger, SystemAdmin, <Tenant>Admin. The Tenant Administrator is assigned dynamically when the tenant is created. The role name has the format of <Tenant-name>Admin.
--type user-type
Specifies the type of user. Enter either user or group.
add
Specifies that you want to add a mapping.
show
Indicates that you want to show all role mappings.
remove --id id
Specifies that you want to remove the mapping for the indicated ID number.

Examples

This example assigns the role of Fabric Admin to a user named fabricuser.

# efa auth rolemapping add --name fabricuser --role FabricAdmin --type user
Successfully added the role mapping

This example assigns the role of NetworkOperator to a group named viewer. 

# efa auth rolemapping add --name viewer --role NetworkOperator --type group
Successfully added the role mapping.
This example displays all assigned mappings.
# efa auth rolemapping show
ID  Name	 Role	      Type
1   efauser    SystemAdmin      USER
2   fabricuser FabricAdmin      USER
3   viewer     NetworkOperator  GROUP
This example deletes the role for the user with ID 3.
# efa auth rolemapping remove --id 3
Deleted role mapping successfully
9036660-00 Rev AA