configure identity-management role add policy

configure identity-management role role_name add policy policy-name {first | last {[before | after] ref_policy_name}}

Description

Adds a policy for the specified role and specifies the order.

Syntax Description

role_name

Specifies the name of an existing role.

policy-name

Specifies the name of a policy to add to the specified role.

Default

The order of the policy is last if the order is not explicitly specified.

Usage Guidelines

The maximum number of policies or ACL rules that can be applied to a particular role is restricted to 8. This count does not include the policies and rules inherited from a parent role. Since the maximum hierarchy depth is 5, the maximum number of policies and rules supported for a role at the maximum hierarchy depth is 40 (8 x 5).

When a policy is added to a role, it is immediately installed for all identities mapped to that role and all roles below it in the role hierarchy.

Example

The following example configures the role named India-Engr to use the policy named india-Engr-policy:

* Switch.44 # configure identity-management role "India-Engr" add policy india-Engr-policy

History

This command was first available in ExtremeXOS 12.5.

This command was modified in ExtremeXOS 15.2.1 to specify order.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.