efa auth rolemapping

Assigns EFA roles to a user or an LDAP group.

Syntax

efa auth rolemapping add [--name user-name | --role efa-role | --type user-type ]
efa auth rolemapping show
efa auth rolemapping remove --id id

Parameters

--name user-name
Specifies the user name or the LDAP group name.
--role efa-role
Specifies the role that you want to assign. It can be one of the following: FabricAdmin, SecurityAdmin, NetworkOperator, SystemDebugger, SystemAdmin, <Tenant>Admin. The Tenant Administrator is assigned dynamically when the tenant is created. The role name has the following format: <Tenant-name>Admin.
--type user-type
Specifies the type of user. Enter either user or group.
--id id
ID of the role mapping.

Examples

This example assigns the role of Fabric Admin to a user named fabricuser.

# efa auth rolemapping add --name fabricuser --role FabricAdmin --type user
Successfully added the role mapping

This example assigns the role of NetworkOperator to a group named viewer.

# efa auth rolemapping add --name viewer --role NetworkOperator --type group
Successfully added the role mapping.
This example displays all assigned mappings.
# efa auth rolemapping show
ID  Name	 Role	      Type
1   efauser    SystemAdmin      USER
2   fabricuser FabricAdmin      USER
3   viewer     NetworkOperator  GROUP 
This example deletes the role for the user with ID 3.
# efa auth rolemapping remove --id 3
Deleted role mapping successfully