Roleconfig - Brocade Communications Systems Brocade 8/12c Command Reference Manual
Brocade fabric os command reference manual supporting fabric os v7.0.0 (april 2011)
Hide thumbs
Also See for Brocade 8/12c:
- User manual (1301 pages) ,
- Command reference manual (1080 pages) ,
- Reference (362 pages)
Table of Contents
Advertisement
22
roleConfig
roleConfig
Manages user-defined roles.
SYNOPSIS
roleconfig --add role_name [-desc description]
[-class rbac_class_list] [-perm permission]
roleconfig --change role_name [-class rbac_class_list
-perm permission [-desc description
roleconfig --delete role_name [-force]
roleconfig --copy new_role -role source_role
roleconfig --show role_name | -all [-default]
roleconfig --help
DESCRIPTION
Use this command to create or modify user-defined roles, to define permissions for these roles based on
role-based access control (RBAC) permissions and meta-object format (MOF) classes, and to display
the configured roles. Two types of access control restriction exist in Fabric OS:
•
•
Use the --show option to display information about user-defined roles and default roles. Use the
classConfig command to display information about MOF classes and associated commands. Note that
you cannot modify the predefined Fabric OS roles.
NOTES
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS
This command has the following operands:
--add
--change
858
Restriction by MOF class: A MOF class groups similar Fabric OS commands into feature sets that
share the same access permissions. By assigning one or more MOF classes to a role, the account
with the specified role can access all the commands included in these classes. For example, the
predefined role ZoneAdmin can access the commands under the MOF class Zoning, but not those
under the UserManagement class. With the roleConfig command you could define a special admin
role called myzonesec and assign access to this role for both the zoning and the userManagement
class.
Restriction by RBAC access level: You can further restrict access by setting RBAC one of the
following access levels for the role. The RBAC permissions are set per class.
-
O = observe
-
OM = observe-modify
-
N = none/not available
Creates a role with the specified name and optional attributes.
Modifies an existing user-defined role.
role_name
Specifies the name for the role to be created or modified. The name must be
unique; it is case-insensitive and can contain only alpha characters. The role
name must be at least 4 characters long and cannot exceed 16 characters. The
maximum number of user-defined roles allowed on a chassis is 256. This operand
is required.
Fabric OS Command Reference
53-1001764-01
Advertisement
Chapters
Table of Contents
