efa auth rolemapping

Assigns EFA roles to a user or an LDAP group.

Syntax

efa auth rolemapping add [--name user-name | --role efa-role | --type user-type ]

efa auth rolemapping show

efa auth rolemapping remove --id id

Parameters

--name user-name: Specifies the user name or the LDAP group name.
--role efa-role: Specifies the role that you want to assign. It can be one of the following: FabricAdmin, SecurityAdmin, NetworkOperator, SystemDebugger, SystemAdmin, <Tenant>Admin. The Tenant Administrator is assigned dynamically when the tenant is created. The role name has the following format: <Tenant-name>Admin.
--type user-type: Specifies the type of user. Enter either user or group.
--id id: ID of the role mapping.

Examples

This example assigns the role of Fabric Admin to a user named fabricuser.

# efa auth rolemapping add --name fabricuser --role FabricAdmin --type user
Successfully added the role mapping

This example assigns the role of NetworkOperator to a group named viewer.

# efa auth rolemapping add --name viewer --role NetworkOperator --type group
Successfully added the role mapping.

This example displays all assigned mappings.

# efa auth rolemapping show
ID  Name	 Role	      Type
1   efauser    SystemAdmin      USER
2   fabricuser FabricAdmin      USER
3   viewer     NetworkOperator  GROUP

This example deletes the role for the user with ID 3.

# efa auth rolemapping remove --id 3
Deleted role mapping successfully