GLOBUS ENDPOINT PERMISSION CREATE
Create a new access control rule on the target endpoint, granting users new permissions on the given path.
The target endpoint must be a shared endpoint, as only these use access control lists to manage permissions.
The '--permissions' option is required, and exactly one of '--all-authenticated' '--anonymous', '--group', or '--identity' is required to know to whom permissions are being granted.
Identity username to use as a security principal. Identity will be provisioned if it does not exist.
Allow anyone access, as long as they login (treated as a security principal)
Allow anyone access, even without logging in (treated as a security principal)
Group to use as a security principal
Identity to use as a security principal
Permissions to add. Read-Only or Read/Write [required]
An email address to notify that the permission has been added
A custom message to add to email notifications
- -v, --verbose
Control level of output
- -h, --help
Show this message and exit.
Output format for stdout. Defaults to text
A JMESPath expression to apply to json output. Forces the format to be json processed by this expression
Map HTTP statuses to any of these exit codes: 0,1,50-99. e.g. "404=50,403=51"
Give anyone read access to a directory.
$ ep_id=ddb59aef-6d04-11e5-ba46-22000b92c6ec $ globus endpoint permission create $ep_id:/dir --permissions r --anonymous
Give read and write access to a specific user.
$ ep_id=ddb59aef-6d04-11e5-ba46-22000b92c6ec $ globus endpoint permission create $ep_id:/ --permissions rw --identity email@example.com
0 on success.
1 if a network or server error occurred, unless --map-http-status has been used to change exit behavior on http error codes.
2 if the command was used improperly.
3 if the command was used on the wrong type of object, e.g. a collection command used on an endpoint.
4 if the command has authentication or authorization requirements which were not met, as in ConsentRequired errors or missing logins.