acl set
Modifies the ACL for a cluster or volume.
The acl set
command specifies the entire ACL for a cluster or volume. Any
previous permissions are overwritten by the new values, and any permissions omitted are
removed. To use the acl set
command, you must have administrative (a)
permissions on the volume and cluster for which you are running the command. The permissions
are specified as a comma-separated list of permission codes. See acl. You must specify either a
user
or a group
. When the type
is
volume
, a volume name must be specified using the name
parameter.
Syntax
- CLI
-
maprcli acl set [ -cluster <cluster name> ] [ -group <group> ] [ -name <name> ] -type cluster|volume [ -user <user> ]
- REST
-
http[s]://<host:port>/rest/acl/set?<parameters>
Parameters
Parameter |
Description |
---|---|
cluster |
The cluster on which to run the command. |
group |
Groups and allowed actions for each group. See acl. Format:
|
name |
The object name. |
type |
The object type ( |
user |
Users and allowed actions for each user. See acl. Format:
|
Examples
Give the userroot
full control of the
my.cluster.com
cluster and remove all permissions for all other users: - CLI
-
maprcli acl set -type cluster -cluster my.cluster.com -user root:fc
- REST
-
https://10.10.82.22:8443/rest/acl/set?type=cluster&cluster=my.cluster.com&user=root%3Afc
# maprcli acl show -type cluster
Principal Allowed actions
User root [login, ss, cv, a, fc]
User lfedotov [login, ss, cv, a, fc]
User mapr [login, ss, cv, a, fc]
# maprcli acl set -type cluster -cluster my.cluster.com -user root:fc
# maprcli acl show -type cluster
Principal Allowed actions
User root [login, ss, cv, a, fc]
test-volume
volume
and remove all permissions for all other users: - CLI
-
maprcli acl set -type volume -name test-volume -user jsmith:dump,restore,m rjones:fc