lbcli create auth-map-entry
Creates a new auth-map-entry.
Synopsis
This is step three of a three-step operation, mapping an identity provider (IdP) to a Lightbits authorization engine scope and role.
The required steps for using IdP are:
- Step 1: Create an idp-configuration, configuring an IdP cluster to work with.
- Step 2: Create an idp-client-configuration, specifying the app/user mode of operation for a specific client.
- Step 3: Create an auth-map-entry, mapping the identifier (client ID or group information) to a Lightbits scope/role.
lbcli create auth-map-entry [flags]Examples:
lbcli -J $JWT create auth-map-entry --name monitoring-service-app --scope system --role viewer --identifier 037d735c-5d9b-4976-9fc1-11e5a9bd00bd --idp-configuration-name idp1lbcli -J $JWT create auth-map-entry --name DevSecGroup --scope system --role cluster-admin --identifier DevSec --idp-configuration-name idp1| Flag | Short | Type | Default | Description |
|---|---|---|---|---|
| --help | -h | bool | Help for auth-map-entry. | |
| --identifier | string | The identifier of the entry (can be client-id/group-name) (required). | ||
| --name | string | The name of the entry to save in the Lightbits cluster (required). | ||
| --idp-configuration-name | string | The name of the IdP configuration to use for this entry. | ||
| --role | string | The role of the group in the Lightbits cluster (required). For example, viewer. | ||
| --scope | string | The scope of the group in the Lightbits cluster (required). For example, system. |
Was this page helpful?