.. _Managing Domain Users: Managing Domain Users --------------------- .. _vinfra domain user create: vinfra domain user create ~~~~~~~~~~~~~~~~~~~~~~~~~ Create a new domain user: :: usage: vinfra domain user create [--email ] [--description ] [--assign ] [--domain-permissions ] [--system-permissions ] [--enable | --disable] --name --domain ``--email `` User email ``--description `` User description ``--assign `` Assign a user to a project with one or more permission sets. Specify this option multiple times to assign the user to multiple projects. - ````: project ID or name - ````: user role in the project (``project_admin``) ``--domain-permissions `` A comma-separated list of domain permissions: - ``domain_admin``: can manage virtual objects in all projects within the assigned domain as well as project and user assignment in the self-service panel. - ``image_upload``: can upload images. ``--system-permissions `` A comma-separated list of system permissions: - ``admin``: has all permissions and can perform all management operations, including project creation and user management. - ``cluster``: can create the storage cluster, join nodes to it, and manage (assign and release) disks. - ``ssh``: can add and remove SSH keys for accessing cluster node. - ``compute``: can create and manage the compute cluster. - ``network``: can modify networks and traffic types. - ``updates``: can install updates. - ``s3``: can create and manage the S3 cluster. - ``abgw``: can create and manage Backup Gateway. - ``iscsi``: can create and manage iSCSI targets, LUNs, and CHAP users. - ``nfs``: can create and manage NFS shares and exports. - ``viewer``: can monitor cluster performance and parameters but cannot change any settings. ``--enable`` Enable user ``--disable`` Disable user ``--name `` User name ``--domain `` Domain name or ID Example: :: # vinfra domain user create --domain mydomain --name myuser \ --domain-permissions domain_admin Password: +--------------------+----------------------------------+ | Field | Value | +--------------------+----------------------------------+ | assigned_projects | [] | | description | | | domain_permissions | - domain_admin | | email | | | enabled | True | | id | a9c67c6acf1f4df1818fdeeee0b4bd5e | | name | myuser | | role | domain_admin | | system_permissions | [] | +--------------------+----------------------------------+ This command creates and enables a new administrator account ``myuser`` within the domain ``mydomain``. It also sets password for the new user. .. _vinfra domain user list: vinfra domain user list ~~~~~~~~~~~~~~~~~~~~~~~ List all users in a domain: :: usage: vinfra domain user list --domain ``--domain `` Domain name or ID Example: :: # vinfra domain user list --domain mydomain -c id -c name -c enabled \ -c domain_permissions -c assigned_projects +-----------+--------+---------+-------------------+-------------------+ | id | name | enabled |domain_permissions | assigned_projects | +-----------+--------+---------+-------------------+-------------------+ | a9c6<...> | myuser | True |- domain_admin | [] | +-----------+--------+---------+-------------------+-------------------+ This command lists users in the domain ``mydomain``. (The output is abridged to fit on page.) .. _vinfra domain user show: vinfra domain user show ~~~~~~~~~~~~~~~~~~~~~~~ Display information about a domain user: :: usage: vinfra domain user show --domain ``--domain `` Domain ID or name ```` User ID or name Example: :: # vinfra domain user show myuser --domain mydomain +--------------------+----------------------------------+ | Field | Value | +--------------------+----------------------------------+ | assigned_projects | [] | | description | | | domain_permissions | - domain_admin | | email | | | enabled | True | | id | a9c67c6acf1f4df1818fdeeee0b4bd5e | | name | myuser | | role | domain_admin | | system_permissions | [] | +--------------------+----------------------------------+ This command shows the details of the user ``myuser`` from the domain ``mydomain``. .. _vinfra domain user set: vinfra domain user set ~~~~~~~~~~~~~~~~~~~~~~ Modify the parameters of a domain user: :: usage: vinfra domain user set [--password] [--email ] [--description ] [--assign ] [--domain-permissions ] [--system-permissions ] [--enable | --disable] [--name ] --domain ``--password`` Request the password from stdin ``--email `` User email ``--description `` User description ``--assign `` Assign a user to a project with one or more permission sets. Specify this option multiple times to assign the user to multiple projects. - ````: project ID or name - ````: user role in the project (``project_admin``) ``--domain-permissions `` A comma-separated list of domain permissions: - ``domain_admin``: can manage virtual objects in all projects within the assigned domain as well as project and user assignment in the self-service panel. - ``image_upload``: can upload images. ``--system-permissions `` A comma-separated list of system permissions: - ``admin``: has all permissions and can perform all management operations, including project creation and user management. - ``cluster``: can create the storage cluster, join nodes to it, and manage (assign and release) disks. - ``ssh``: can add and remove SSH keys for accessing cluster nodes. - ``compute``: can create and manage the compute cluster. - ``network``: can modify networks and traffic types. - ``updates``: can install updates. - ``s3``: can create and manage the S3 cluster. - ``abgw``: can create and manage Backup Gateway. - ``iscsi``: can create and manage iSCSI targets, LUNs, and CHAP users. - ``nfs``: can create and manage NFS shares and exports. - ``viewer``: can monitor cluster performance and parameters but cannot change any settings. ``--enable`` Enable user ``--disable`` Disable user ``--name `` User name ``--domain `` Domain name or ID ```` User ID or name Example: :: # vinfra domain user set myuser --domain mydomain \ --assign myproject project_admin +--------------------+----------------------------------+ | Field | Value | +--------------------+----------------------------------+ | assigned_projects | [] | | description | | | domain_permissions | - domain_admin | | email | | | enabled | True | | id | a9c67c6acf1f4df1818fdeeee0b4bd5e | | name | myuser | | role | domain_admin | | system_permissions | [] | +--------------------+----------------------------------+ This command assigns the user ``myuser`` from the domain ``mydomain`` to the project ``myproject`` as a project administrator. .. _vinfra domain user delete: vinfra domain user delete ~~~~~~~~~~~~~~~~~~~~~~~~~ Remove a domain user: :: usage: vinfra domain user delete --domain ``--domain `` Domain ID or name ```` User ID or name Example: :: # vinfra domain user delete myuser --domain mydomain Operation successful This command deletes the user ``myuser`` from the domain ``mydomain``.