efa rbac role show

Displays the static and dynamic roles available in EFA.


efa rbac role show [ --name role-name ]


--name role-name
Specifies name of the role.

Usage Guidelines

Output of the command is as follows.
Role Description
  • Registers devices to the fabric
  • Configures fabric parameters
  • Validates all devices in the fabric
  • Configures switches for IP fabric with overlay and without overlay
  • Creates tenants
  • Creates networks inside tenants, such as VRF, EPG, and PO
  • Performs fabric debug activities
  • Has privileges for OpenStack, Hyper-V, and vCenter operations
SecurityAdmin Performs user management, PKI, and key management operations
  • Has view-only privileges for fabric configurations, information for tenants and inventory, and all ecosystem information
  • Cannot make changes in the system
  • Has privileges to perform supportsave and system backup, and to view the running system configurations
  • Has privileges to perform fabric debug operations
  • Sets debug levels for services
  • Has privileges to collect execution logs from services
SystemAdmin Has complete privileges to all operations in the system

* Created dynamically per tenant

Performs tenant administration within the assigned tenant, such as the following:
  • Adding networks to the tenant
  • Configuring network parameters
  • Configuring switches with tenant-specific information
Cannot perform actions for any other tenant