You can assign a role to a user and to an
LDAP group.
About this task
For more information about EFA roles, see EFA RBAC Policy Enforcement.
Procedure
-
To assign a role to a user, run
the following command.
# efa auth rolemapping add --name fabricuser --role FabricAdmin --type user
Successfully added the role mapping
In this example, a user named
fabricuser was assigned the role of FabricAdmin.
-
To assign a role to an LDAP
group, run the following command.
# efa auth rolemapping add --name "cn=viewer,dc=extr,dc=com" --role NetworkOperator
--type group
Successfully added the role mapping.
In this example, a group named
"cn=viewer,dc=extr,dc=com" was assigned the role of NetworkOperator.
-
To view all role assignments,
run the following command.
# efa auth rolemapping show
ID Name Role Type
1 efauser SystemAdmin USER
2 fabricuser FabricAdmin USER
3 viewer NetworkOperator GROUP
-
To delete a role assignment, run
the following command.
# efa auth rolemapping remove --id 3
Deleted role mapping successfully
In this example, the role for
the user with ID 3 was removed.