Skip to content

CLI

Declarative

Users can use RCTL to add IDP user(s) to the IDP Group(s) and view the list of groups

Create Group(s)

Use the following command to create a new group

./rctl create group <group_name>

Create User(s)

Use the following command to create a user for API only access

./rctl create user [email protected]

Use the following command to create a user for Console access

./rctl create user [email protected] --console First_Name,LastName

Add user to a Group

Use the following command to associate user to a group

./rctl create groupassociation <group_name> --associateusers <user>

Assign Role to the Project

To assign a role to a project, ensure a project and a group are created.

Use the following command to assign a base role to the project

./rctl create groupassociation <demo_group> --associateproject <demo-project> --roles PROJECT_ADMIN

To assign multiple base roles, use the following command

./rctl create groupassociation <group_name> --associateproject <project_name> --roles PROJECT_ADMIN,INFRA_ADMIN,INFRA_READ_ONLY

To assign custom roles, use the following command

./rctl create groupassociation <group_name> --associateproject <project_name> --customroles <role_name>

List of Base Roles

Here is the list of roles that can be assigned to a user:

  • ADMIN
  • ADMINISTRATOR_READ_ONLY
  • CLUSTER_ADMIN
  • CLUSTER_TEMPLATE_USER
  • ENVIRONMENT_TEMPLATE_USER
  • FINOPS_ADMIN
  • INFRA_ADMIN
  • INFRA_READ_ONLY
  • NAMESPACE_ADMIN
  • NAMESPACE_READ_ONLY
  • PROJECT_ADMIN
  • PROJECT_READ_ONLY
  • WORKSPACE_ADMIN
  • WORKSPACE_READ_ONLY

Get Group

Use the following command to get a group details

./rctl get groupassociation <group-name>

Example Output

./rctl get groupassociation demo_group
+---------------+---------------------------+
| PROJECT       | ROLES                     |
+---------------+---------------------------+
| demo_group    | ENVIRONMENT_TEMPLATE_USER |
+---------------+---------------------------+

Get SSO User(s)

To get the list of all SSO users details, use the below command

./rctl get ssousers

Example Output

+---------------------+--------------------------------+
| NAME                | PROJECTS                       |
+---------------------+--------------------------------+
| [email protected] | defaultproject, testproject, |
|                     | demo-project                  |
+---------------------+--------------------------------+
| [email protected]    | defaultproject                 |
+---------------------+--------------------------------+

To view a single SSO user details, use the below command

./rctl get ssousers <user-name>

Example output

+-------------------------+----------------+
| NAME                    | PROJECTS       |
+-------------------------+----------------+
| [email protected] | default_project |
+-------------------------+----------------+

Delete User

To delete a user from a group, use the below command

./rctl delete groupassociation <group_name> --dissociateusers <userid>