OpenStack Client Tools

osc network rbac-policy create

Create RBAC policy for given tenant.

Normal response codes: 201

Error response codes: 400, 401

Usage: osc network rbac-policy create [OPTIONS]

Options:

• --action <ACTION> — Action for the RBAC policy which is access_as_external or access_as_shared
• --object-id <OBJECT_ID> — The ID of the object_type resource. An object_type of network returns a network ID, an object_type of qos-policy returns a QoS policy ID, an object_type of security-group returns a security group ID, an object_type of address-scope returns a address scope ID, an object_type of subnetpool returns a subnetpool ID and an object_type of address-group returns an address group ID
• --object-type <OBJECT_TYPE> — The type of the object that the RBAC policy affects. Types include qos-policy, network, security-group, address-scope, subnetpool or address-group
• --target-tenant <TARGET_TENANT> — The ID of the tenant to which the RBAC policy will be enforced. Please note that Neutron does not perform any type of validation that the value provided is actually the ID of the existing project. If, for example, the name of the project is provided here, it will be accepted by the Neutron API, but the RBAC rule created will not work as expected
• --tenant-id <TENANT_ID>