This section explains how to use the qq auth_create_role command.

For more information, see Managing Role-Based Access Control (RBAC) for Users and Groups in Qumulo Core in the Qumulo Administrator Guide.

Examples

To Create a New Custom Qumulo Core Role

Run the qq auth_create_role command and specify the custom role name, description, and the file that lists the necessary privileges. For example:

qq auth_create_role \
  --role "SMB-Manager" \
  --description "Manage SMB Shares" \
  --privileges-file privileges.txt

To Create a Custom Qumulo Core Role with Multiple Privileges

For this operation, you must run the qq auth_list_privileges and qq auth_create_role commands.

  1. Run the qq auth_list_privileges command and use grep to write only the privileges that contain the word WRITE to the privileges.txt file. For example:

    qq auth_list_privileges | \
      grep WRITE > privileges.txt
    
  2. Run the qq auth_create_role command and specify the privileges.txt file to create a custom role. For example:

    qq auth_create_role -r "Write-Everything" \
     -d "Can write, create, modify everything" \
     -p all-write-privileges.txt
    

Description

Create a custom role.

Usage

qq auth_create_role [-h] -r ROLE [-d DESCRIPTION] [-p PRIVILEGES_FILE]

Flags

Flag Name Required Description
-r Yes Name of the role to create
-d No Description of the new role
-p No File with privileges for the role (see auth_list_privileges)