Code Block

language	bash
title	Examples for Renaming and Removing Accounts
linenumbers	true

# common options for connection to JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root) 

# rename permission
./deploy-identity-service.sh rename-permission "${request_options[@]}" --service=JOC-INITIAL --role=business-user \
                                               --permission='sos:products:controller:deployment:manage' \
                                               --new-permission='sos:products:controller:deployment:view' --excluded

# remove permission
./deploy-identity-service.sh remove-permission "${request_options[@]}" --service=JOC-INITIAL --role=business-user \
                                               --permission='sos:products:controller:deployment:view'

# remove permissions
./deploy-identity-service.sh remove-permission "${request_options[@]}" --service=JOC-INITIAL --role=business-user \
                                               --permission='sos:products:controller:deployment','sos:products:controller:agents:view'

...

Setting up Identity Management

Setting up Identity Service, Roles, Permissions and Accounts

Code Block

language	bash
title	Examples for Renaming and Removing Accounts
linenumbers	true

# common options for connection to JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root)   # store Identity Service

# create Identity Service using password for single-factor authentication
./deploy-identity-service.sh store-service "${request_options[@]}" --service=My-Service --service-type=LDAP --required \
                                           --authentication-scheme=SINGLE-FACTOR

# create roles
./deploy-identity-service.sh store-role "${request_options[@]}" --service=My-Service --role=developer
./deploy-identity-service.sh store-role "${request_options[@]}" --service=My-Service --role=operator

# assign permissions to roles
./deploy-identity-service.sh set-permission "${request_options[@]}" --service=My-Servicde --role=developer \
                                            --permission='sos:products:joc:administration:view','sos:products:joc:auditlog:view','sos:products:joc:calendars:view','sos:products:joc:cluster','sos:products:joc:inventory','sos:products:controller:view','sos:products:controller:agents:view'

./deploy-identity-service.sh set-permission "${request_options[@]}" --service=My-Servicde --role=operator\
                                            --permission='sos:products:joc:auditlog:view','sos:products:joc:calendars:view','sos:products:joc:cluster:view','sos:products:controller:view','sos:products:controller:agents:view'

# create accounts and assign to roles 
./deploy-identity-service.sh store-account "${request_options[@]}" --service=My-Service --account=dev --role=developer
./deploy-identity-service.sh store-account "${request_options[@]}" --service=My-Service --account=ops --role=operator

Resources

API
- JS7 - REST Web Service API
- JS7 - PowerShell Module
Workflow Deployment Operations
- JS7 - Unix Shell CLI for Workflow Deployment
Workflow Status Operations
- JS7 - Unix Shell CLI for Workflow Status Operations
Controller Deployment Operations
- JS7 - Unix Shell CLI for Controller Deployment
Controller Status Operations
- JS7 - Unix Shell CLI for Controller Status Operations
JOC Cockpit Status Operations
- JS7 - Unix Shell CLI for JOC Cockpit Status Operations

...

Space shortcuts

Page tree

Versions Compared

Old Version 15

New Version 16

Key

Setting up Identity Management

Setting up Identity Service, Roles, Permissions and Accounts

Resources

Space shortcuts

Page tree

Page History

Versions Compared

Old Version 15

New Version 16

Key

Setting up Identity Management

Setting up Identity Service, Roles, Permissions and Accounts

Resources