To view the list of roles, run the
isi auth roles list command.
The following authentication roles list displays:
isi auth roles list
Name
---------------
AuditAdmin
BackupAdmin
BasicUserRole
SecurityAdmin
StatisticsAdmin
SystemAdmin
VMwareAdmin
---------------
Total: 7
Run the
isi auth roles list --zone zone1 command to view the roles available in zone1
The roles available in zone1 display:
isi auth roles list --zone zone1
Name
-----------------
BasicUserRole
ZoneAdmin
ZoneSecurityAdmin
-----------------
Total: 3
Run the
isi auth roles view BasicUserRole --zone zone1 command to view the privileges associated with the BasicUserRole role in zone1.
isi auth roles view BasicUserRole --zone zone1
Name: BasicUserRole
Description: Allow restricted access to cluster for storage users.
Members: -
Privileges
ID: ISI_PRIV_LOGIN_PAPI
Permission: r
ID: ISI_PRIV_AUTH
Permission: r
ID: ISI_PRIV_AUTH_PROVIDERS
Permission: -
ID: ISI_PRIV_AUTH_SETTINGS_ACLS
Permission: -
ID: ISI_PRIV_AUTH_SETTINGS_GLOBAL
Permission: -
ID: ISI_PRIV_AUTH_ZONES
Permission: -
ID: ISI_PRIV_FILE_FILTER
Permission: w
ID: ISI_PRIV_HDFS
Permission: w
ID: ISI_PRIV_HDFS_RACKS
Permission: -
ID: ISI_PRIV_HDFS_SETTINGS
Permission: w
ID: ISI_PRIV_NFS
Permission: w
ID: ISI_PRIV_NFS_SETTINGS
Permission: r
ID: ISI_PRIV_NFS_SETTINGS_GLOBAL
Permission: -
ID: ISI_PRIV_NFS_SETTINGS_ZONE
Permission: -
ID: ISI_PRIV_S3
Permission: w
ID: ISI_PRIV_S3_MYKEYS
Permission: -
ID: ISI_PRIV_S3_SETTINGS
Permission: w
ID: ISI_PRIV_S3_SETTINGS_GLOBAL
Permission: -
ID: ISI_PRIV_SMB
Permission: w
ID: ISI_PRIV_SMB_SESSIONS
Permission: r
ID: ISI_PRIV_SMB_SETTINGS
Permission: -
ID: ISI_PRIV_SMB_SETTINGS_GLOBAL
Permission: -
ID: ISI_PRIV_SMB_SETTINGS_SHARE
Permission: -
ID: ISI_PRIV_NS_IFS_ACCESS
Permission: r
Run the
isi auth roles view ZoneAdmin --zone zone1 command to view the privileges associated with the ZoneAdmin role in zone1.
isi auth roles view ZoneAdmin --zone zone1
Name: ZoneAdmin
Description: Administer aspects of configuration related to current access zone.
Members: -
Privileges
ID: ISI_PRIV_LOGIN_PAPI
Permission: r
ID: ISI_PRIV_AUDIT
Permission: w
ID: ISI_PRIV_FILE_FILTER
Permission: w
ID: ISI_PRIV_HDFS
Permission: w
ID: ISI_PRIV_NFS
Permission: w
ID: ISI_PRIV_PAPI_CONFIG
Permission: w
ID: ISI_PRIV_S3
Permission: w
ID: ISI_PRIV_SMB
Permission: w
ID: ISI_PRIV_SWIFT
Permission: w
ID: ISI_PRIV_VCENTER
Permission: w
ID: ISI_PRIV_NS_TRAVERSE
Permission: r
ID: ISI_PRIV_NS_IFS_ACCESS
Permission: r
Run the
isi auth roles view ZoneSecurityAdmin --zone zone1 command to view the privileges associated with the ZoneSecurityAdmin role in zone1.
isi auth roles view ZoneSecurityAdmin --zone zone1
Name: ZoneSecurityAdmin
Description: Administer aspects of security configuration related to current access zone.
Members: -
Privileges
ID: ISI_PRIV_LOGIN_PAPI
Permission: r
ID: ISI_PRIV_AUTH
Permission: w
ID: ISI_PRIV_ROLE
Permission: w
Run the
isi auth user create command to create a user to add to the ZoneAdmin role.
You can only add existing users to a role. The
isi auth roles modify command does not create the user for you.
Run the isi auth roles view command to view whether the new user has been added to the ZoneAdmin role.
isi auth roles view ZoneAdmin --zone zone1
Name: ZoneAdmin
Description: Administer aspects of configuration related to current access zone.
Members: z1-user1
Privileges
ID: ISI_PRIV_LOGIN_PAPI
Permission: r
ID: ISI_PRIV_AUDIT
Permission: w
ID: ISI_PRIV_FILE_FILTER
Permission: w
ID: ISI_PRIV_HDFS
Permission: w
ID: ISI_PRIV_NFS
Permission: w
ID: ISI_PRIV_PAPI_CONFIG
Permission: w
ID: ISI_PRIV_S3
Permission: w
ID: ISI_PRIV_SMB
Permission: w
ID: ISI_PRIV_SWIFT
Permission: w
ID: ISI_PRIV_VCENTER
Permission: w
ID: ISI_PRIV_NS_TRAVERSE
Permission: r
ID: ISI_PRIV_NS_IFS_ACCESS
Permission: r
Run the
isi auth user create command to create a user to add to the ZoneSecurityAdmin role.
You can only add existing users to a role. The
isi auth roles modify command does not create the user for you.
Run the isi auth roles view command to view whether the new user has been added to the ZoneSecurityAdmin role.
isi auth roles view ZoneSecurityAdmin --zone zone1
Name: ZoneSecurityAdmin
Description: Administer aspects of security configuration related to current access zone.
Members: z1-user2
Privileges
ID: ISI_PRIV_LOGIN_PAPI
Read Only: True
ID: ISI_PRIV_LOGIN_PAPI
Permission: r
ID: ISI_PRIV_AUTH
Permission: w
ID: ISI_PRIV_ROLE
Permission: w
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\