GLOBUS ENDPOINT ROLE CREATE

NAME

globus endpoint role create - Add a role to an endpoint.

SYNOPSIS

globus endpoint role create [OPTIONS] ENDPOINT_ID

DESCRIPTION

Create a role on an endpoint. You must have sufficient privileges to modify the roles on the endpoint.

Either --group or --identity is required. You may not pass both. Which one of these options you use will determine the 'Principal Type' on the role, and the value given will be the 'Principal' of the resulting role. The term "Principal" is used in the sense of "a security principal", an entity which has some privileges associated with it.

OPTIONS

--provision-identity IDENTITY_USERNAME

Identity username to use as a security principal. Identity will be provisioned if it does not exist.

--group GROUP_ID

Group to use as a security principal

--identity IDENTITY_ID_OR_NAME

Identity to use as a security principal

--role [administrator|access_manager|activity_manager|activity_monitor]

A role to assign. [required]

-v, --verbose

Control level of output, make it more verbose.

--quiet

Suppress non-essential output. This is higher precedence than --verbose.

-h, --help

Show this message and exit.

-F, --format [unix|json|text]

Output format for stdout. Defaults to text.

--jmespath, --jq TEXT

A JMESPath expression to apply to json output. Forces the format to be json processed by this expression.

--map-http-status TEXT

Map HTTP statuses to any of these exit codes: 0,1,50-99. e.g. "404=50,403=51"

OUTPUT

Textual output is a simple success message in the absence of errors, containing the ID of the created role.

EXAMPLES

Grant 'demo@globus.org' the 'activity_monitor' role on 'aa752cea-8222-5bc8-acd9-555b090c0ccb':

$ globus endpoint role create 'aa752cea-8222-5bc8-acd9-555b090c0ccb'     --identity 'demo@globus.org' --role activity_monitor

EXIT STATUS

0 on success.

1 if a network or server error occurred, unless --map-http-status has been used to change exit behavior on http error codes.

2 if the command was used improperly.

3 if the command was used on the wrong type of object, e.g. a collection command used on an endpoint.

4 if the command has authentication or authorization requirements which were not met, as in ConsentRequired errors or missing logins.