GLOBUS ENDPOINT ROLE CREATE
Create a role on an endpoint. You must have sufficient privileges to modify the roles on the endpoint.
Either --group or --identity is required. You may not pass both. Which one of these options you use will determine the 'Principal Type' on the role, and the value given will be the 'Principal' of the resulting role. The term "Principal" is used in the sense of "a security principal", an entity which has some privileges associated with it.
Identity username to use as a security principal. Identity will be provisioned if it does not exist.
Group to use as a security principal
Identity to use as a security principal
A role to assign. [required]
- -v, --verbose
Control level of output
- -h, --help
Show this message and exit.
Output format for stdout. Defaults to text
A JMESPath expression to apply to json output. Forces the format to be json processed by this expression
Map HTTP statuses to any of these exit codes: 0,1,50-99. e.g. "404=50,403=51"
Textual output is a simple success message in the absence of errors, containing the ID of the created role.
Grant 'firstname.lastname@example.org' the 'activity_monitor' role on 'ddb59aef-6d04-11e5-ba46-22000b92c6ec':
$ globus endpoint role create 'ddb59aef-6d04-11e5-ba46-22000b92c6ec' --identity 'email@example.com' --role activity_monitor
0 on success.
1 if a network or server error occurred, unless --map-http-status has been used to change exit behavior on http error codes.
2 if the command was used improperly.
3 if the command was used on the wrong type of object, e.g. a collection command used on an endpoint.
4 if the command has authentication or authorization requirements which were not met, as in ConsentRequired errors or missing logins.