Getting the RBAC tools
Modified: 08 Mar 2023 00:28 UTC
To use Role Based Access Control (RBAC) from the command line make sure that you have updated to the latest smartdc and manta tools:
| Tool | Minimum version for RBAC |
|---|---|
| smartdc | 7.3 |
| manta | 1.4.1 |
To update, you can use the following commands.
$ sudo npm install -g smartdc
$ sudo npm install -g mantaCommand arguments and environment variables
The smartdc and Manta commands now take a new --user argument to specify the user that is making the request.
Since you'll often be making requests for the same user and account, you can put common arguments in environment variables.
| SmartDataCenter Environment Variable | Corresponding Argument | Description |
|---|---|---|
SDC_URL |
--url | URL of data center to use. https://us-central-1.api.mnx.io |
SDC_ACCOUNT |
--account | The account name. bigco |
SDC_USER |
--user | The user making the request. maria |
SDC_KEY_ID |
--keyId | The fingerprint of the account or user SSH public key. 10:d0:59:ef:4f:71:3b:8b:4b:6a:05:d2:57:24:28:27 |
| Manta Environment Variable | Corresponding Argument | Description |
|---|---|---|
MANTA_URL |
--url | URL of Manta endpoint. https://us-central.manta.mnx.io |
MANTA_USER |
--account | The account name. bigco |
MANTA_SUBUSER |
--user | The user making the request. maria |
MANTA_KEY_ID |
--keyId | The fingerprint of the account or user SSH public key. 10:d0:59:ef:4f:71:3b:8b:4b:6a:05:d2:57:24:28:27 |
SDC_KEY_ID and MANTA_KEY_ID refer to the user's key if the user specified. Otherwise the key ID is the account's key.
Here is how to generate a key ID (fingerprint) for a public SSH key stored in ~/.ssh/id_rsa.pub:
export MANTA_KEY_ID=$(ssh-keygen -l -f $HOME/.ssh/id_rsa.pub | awk '{print $2}')New smartdc commands
The sdc user, role, and policy commands are used to manage access control in both CloudAPI and Manta.
| Command | Description |
|---|---|
| sdc-user | Commands for working with users. For sub-commands use sdc-user help |
| sdc-role | Commands for working with roles. For sub-commands use sdc-role help |
| sdc-policy | Commands for working with policies. For sub-commands use sdc-policy help |
| sdc-info | Get role information about a CloudAPI resource. |
| sdc-chmod | Set the role information for a CloudAPI resource. |
New Manta commands
| Command | Description |
|---|---|
| minfo | Get information about a Manta resource. |
| mchmod | Set role information for a Manta resource. |
