This section explains how to use the
qq auth_create_role command.For more information, see Managing Role-Based Access Control (RBAC) for Users and Groups in Qumulo Core in the Qumulo Administrator Guide.
Examples
To Create a New Custom Qumulo Core Role
Run the qq auth_create_role command and specify the custom role name, description, and the file that lists the necessary privileges. For example:
qq auth_create_role \
--role "SMB-Manager" \
--description "Manage SMB Shares" \
--privileges-file privileges.txt
To Create a Custom Qumulo Core Role with Multiple Privileges
For this operation, you must run the qq auth_list_privileges
and qq auth_create_role
commands.
-
Run the
qq auth_list_privilegescommand and usegrepto write only the privileges that contain the wordWRITEto theprivileges.txtfile. For example:qq auth_list_privileges | \ grep WRITE > privileges.txt -
Run the
qq auth_create_rolecommand and specify theprivileges.txtfile to create a custom role. For example:qq auth_create_role -r "Write-Everything" \ -d "Can write, create, modify everything" \ -p all-write-privileges.txt
Description
Create a custom role.
Usage
qq auth_create_role [-h] -r ROLE [-d DESCRIPTION] [-p PRIVILEGES_FILE]
Flags
| Flag Name | Required | Description |
|---|---|---|
-r
|
Yes | Name of the role to create |
-d
|
No | Description of the new role |
-p
|
No | File with privileges for the role (see auth_list_privileges) |