configure identity-management role add dynamic-rule
Description
Adds a dynamic ACL rule for the specified role and specifies the order.
Syntax Description
role_name |
Specifies the name of an existing role. |
rule_name |
Specifies the name of a dynamic ACL rule to add to the specified role. |
Default
The order of the dynamic rule is last if the order is not explicitly specified.
Usage Guidelines
The maximum number of policies or ACL rules that can be applied to a particular role is restricted to 8. This count does not include the policies and rules inherited from a parent role. Since the maximum hierarchy depth is 5, the maximum number of policies and rules supported for a role at the maximum hierarchy depth is 40 (8 x 5).
When a dynamic ACL rule is added to a role, it is immediately installed for all identities mapped to that role and roles below it in the role hierarchy.
Example
The following example configures the role named India-Engr to use the ACL rule named india-Engr-rule:
* Switch.55 # configure identity-management role "India-Engr" add dynamic-rule india-Engr-rule
History
This command was first available in ExtremeXOS 12.5.
This command was modified in ExtremeXOS 15.2.1 to specify order.
Platform Availability
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.