create_role
Creates a new Enterprise Manager admininistrator role.
Standard Mode
emcli create_role -name="role_name" [-type="type_of_role"] [-description="description"] [-roles="role1;role2;..."] [-users="user1;user2;..."] [-privilege="name[;secure_resource_details]]" [-separator=privilege="sep_string"] [-subseparator=privilege="subsep_string"] [ ] indicates that the parameter is optional
Interactive or Script Mode
create_role (name="role_name" [,type="type_of_role"] [,description="description"] [,roles="role1;role2;..."] [,users="user1;user2;..."] [,privilege="name[;secure_resource_details]]" [,separator=privilege="sep_string"] [,subseparator=privilege="subsep_string"] ) [ ] indicates that the parameter is optional
Options
-
name
Role name.
-
type
Type of role. The default value for this option is EM_ROLE. Other possible values for this parameter are EM_ROLE and EXTERNAL_ROLE.
-
description
Description of the role.
-
roles
List of roles to assign to this new role. Currently, the only built-in role is
PUBLIC
. -
users
List of users to whom this role is assigned. If the role must be granted with the WITH_ADMIN option, include the <subseparator:>WITH_ADMIN option.
-
privilege
Privilege to grant to this role. You can specify this option more than once. Note: Privileges are case-insensitive.
Specify <secure_resource_details> as follows:
resource_guid|[resource_column_name1=resource_column_value1[:resource_column_name2=resource_column_value2]..]"
To get the list of SYSTEM privileges, which do not require resource information, execute the following emcli command:
emcli get_supported_privileges -type=SYSTEM
To get the complete list of privileges and resource column names, execute the following emcli command:
emcli get_supported_privileges
To get the list of target type privileges, execute the following emcli command:
emcli get_supported_privileges -type=TARGET
To get the list of job privileges, execute the following emcli command:
emcli get_supported_privileges -type=JOB
-
separator
Specify a string delimiter to use between name-value pairs for the value of the privilege option. The default separator delimiter is ";" .
For example: separator="<attribute_name=sep_char>"
where attribute_name is the name of the attribute for which you want to override the separator character and sep_char is the new separator character: separator="att=#"
-
subseparator
Specify a string delimiter to use between name and value in each name-value pair for the value of the privilege option. The default separator delimiter is ";" .
For example: subseparator="<attribute_name=sep_char>"
where attribute_name is the name of the attribute for which you want to override the separator character and sep_char is the new subseparator character: subseparator="att=#"
For information about overriding the separator or subseparator, see "Overriding the Separator and Subseparator".
Examples
These examples create a role named my_new_role
with the one-sentence description - "This is a new role called my_new_role
". The role combines three existing roles: role1
, role2
, and role3
. The role also has two added privileges: to view the job with ID 923470234ABCDFE23018494753091111 and to view the target host1.example.com:host
. The role is granted to johndoe
and janedoe
.
Example 1 - Command-Line
emcli create_role -name="my_new_role" -desc="This is a new role called my_new_role" -roles="role1;role2;role3" -privilege="view_job;923470234ABCDFE23018494753091111" -privilege="view_target;host1.example.com:host" -users="johndoe;janedoe"
Example 2 - Scripting and Interactive
create_role (name="my_new_role" ,desc="This is a new role called my_new_role" ,roles="role1;role2;role3" ,privilege="view_job;923470234ABCDFE23018494753091111" ,privilege="view_target;host1.example.com:host" ,users="johndoe;janedoe")
These examples create a role named my_external_role with a role type of EXTERNAL_ROLE and one-sentence description of "This is an external role."
Example 3 - Command-Line
emcli create_role -name="my_external_role" -type="EXTERNAL_ROLE" -desc="This is an external role"
Example 4 - Scripting and Interactive
create_role (name="my_external_role" ,type="EXTERNAL_ROLE" ,desc="This is an external role")