4.3. Managing Domain Users¶
4.3.1. vinfra domain user create¶
Create a new domain user:
usage: vinfra domain user create [--email <email>] [--description <description>]
[--assign <project> <role>]
[--domain-permissions <domain_permissions>]
[--system-permissions <system_permissions>]
[--enable | --disable] --name <name> --domain <domain>
--email <email>
- User email
--description <description>
- User description
--assign <project> <role>
Assign a user to a project with one or more permission sets. Specify this option multiple times to assign the user to multiple projects.
<project>
: project ID or name<role>
: user role in the project (project_admin
)
--domain-permissions <domain_permissions>
A comma-separated list of domain permissions:
domain_admin
: can manage virtual objects in all projects within the assigned domain as well as project and user assignment in the self-service panel.image_upload
: can upload images.
--system-permissions <system_permissions>
A comma-separated list of system permissions:
admin
: has all permissions and can perform all management operations, including project creation and user management.cluster
: can create the storage cluster, join nodes to it, and manage (assign and release) disks.ssh
: can add and remove SSH keys for accessing cluster node.compute
: can create and manage the compute cluster.network
: can modify networks and traffic types.updates
: can install updates.s3
: can create and manage the S3 cluster.abgw
: can create and manage Backup Gateway.iscsi
: can create and manage iSCSI targets, LUNs, and CHAP users.nfs
: can create and manage NFS shares and exports.viewer
: can monitor cluster performance and parameters but cannot change any settings.
--enable
- Enable user
--disable
- Disable user
--name <name>
- User name
--domain <domain>
- Domain name or ID
Example:
# vinfra domain user create --domain mydomain --name myuser \
--domain-permissions domain_admin
Password:
+--------------------+----------------------------------+
| Field | Value |
+--------------------+----------------------------------+
| assigned_projects | [] |
| description | |
| domain_permissions | - domain_admin |
| email | |
| enabled | True |
| id | a9c67c6acf1f4df1818fdeeee0b4bd5e |
| name | myuser |
| role | domain_admin |
| system_permissions | [] |
+--------------------+----------------------------------+
This command creates and enables a new administrator account myuser
within the domain mydomain
. It also sets password for the new user.
4.3.2. vinfra domain user list¶
List all users in a domain:
usage: vinfra domain user list --domain <domain>
--domain <domain>
- Domain name or ID
Example:
# vinfra domain user list --domain mydomain -c id -c name -c enabled \
-c domain_permissions -c assigned_projects
+-----------+--------+---------+-------------------+-------------------+
| id | name | enabled |domain_permissions | assigned_projects |
+-----------+--------+---------+-------------------+-------------------+
| a9c6<...> | myuser | True |- domain_admin | [] |
+-----------+--------+---------+-------------------+-------------------+
This command lists users in the domain mydomain
. (The output is abridged to fit on page.)
4.3.3. vinfra domain user show¶
Display information about a domain user:
usage: vinfra domain user show --domain <domain> <user>
--domain <domain>
- Domain ID or name
<user>
- User ID or name
Example:
# vinfra domain user show myuser --domain mydomain
+--------------------+----------------------------------+
| Field | Value |
+--------------------+----------------------------------+
| assigned_projects | [] |
| description | |
| domain_permissions | - domain_admin |
| email | |
| enabled | True |
| id | a9c67c6acf1f4df1818fdeeee0b4bd5e |
| name | myuser |
| role | domain_admin |
| system_permissions | [] |
+--------------------+----------------------------------+
This command shows the details of the user myuser
from the domain mydomain
.
4.3.4. vinfra domain user set¶
Modify the parameters of a domain user:
usage: vinfra domain user set [--password] [--email <email>]
[--description <description>]
[--assign <project> <role>]
[--domain-permissions <domain_permissions>]
[--system-permissions <system_permissions>]
[--enable | --disable] [--name <name>]
--domain <domain> <user>
--password
- Request the password from stdin
--email <email>
- User email
--description <description>
- User description
--assign <project> <role>
Assign a user to a project with one or more permission sets. Specify this option multiple times to assign the user to multiple projects.
<project>
: project ID or name<role>
: user role in the project (project_admin
)
--domain-permissions <domain_permissions>
A comma-separated list of domain permissions:
domain_admin
: can manage virtual objects in all projects within the assigned domain as well as project and user assignment in the self-service panel.image_upload
: can upload images.
--system-permissions <system_permissions>
A comma-separated list of system permissions:
admin
: has all permissions and can perform all management operations, including project creation and user management.cluster
: can create the storage cluster, join nodes to it, and manage (assign and release) disks.ssh
: can add and remove SSH keys for accessing cluster nodes.compute
: can create and manage the compute cluster.network
: can modify networks and traffic types.updates
: can install updates.s3
: can create and manage the S3 cluster.abgw
: can create and manage Backup Gateway.iscsi
: can create and manage iSCSI targets, LUNs, and CHAP users.nfs
: can create and manage NFS shares and exports.viewer
: can monitor cluster performance and parameters but cannot change any settings.
--enable
- Enable user
--disable
- Disable user
--name <name>
- User name
--domain <domain>
- Domain name or ID
<user>
- User ID or name
Example:
# vinfra domain user set myuser --domain mydomain \
--assign myproject project_admin
+--------------------+----------------------------------+
| Field | Value |
+--------------------+----------------------------------+
| assigned_projects | [] |
| description | |
| domain_permissions | - domain_admin |
| email | |
| enabled | True |
| id | a9c67c6acf1f4df1818fdeeee0b4bd5e |
| name | myuser |
| role | domain_admin |
| system_permissions | [] |
+--------------------+----------------------------------+
This command assigns the user myuser
from the domain mydomain
to the project myproject
as a project administrator.
4.3.5. vinfra domain user delete¶
Remove a domain user:
usage: vinfra domain user delete --domain <domain> <user>
--domain <domain>
- Domain ID or name
<user>
- User ID or name
Example:
# vinfra domain user delete myuser --domain mydomain
Operation successful
This command deletes the user myuser
from the domain mydomain
.