Skip to content

User Group Resource API 3.8

Jump to bottom
craig-duffin edited this page Dec 19, 2017 · 1 revision

The User Group (Permission Group) resource allows for the creation and management of user groups on Brocade vTM.

User/Permission groups specify permissions for groups of users. These groups can be given read-write or readonly access to different parts of the configuration hierarchy. Each group will contain a table of permissions. Each table entry has a name that corresponds to a part of the configuration hierarchy, and a corresponding access level. The access level may have values of either none, ro (read only, this is the default), or full. Some permissions have sub-permissions, these are denoted by following the parent permission name with a colon (:) followed by the sub-permission name. The built-in admin group has a special permission key of all with the value full, this must not be altered for the admin group but can be used in other group configuration files to change the default permission level for the group.

Example Usage

resource "brocadevtm_user_group" "user_group_example" {
       name = "exampleUserGroup"
       description = "example user group"
       password_expire_time = 300
       timeout = 300
       permissions = {
          name =  "Web_Cache"
          access_level = "full"
       } 
       permissions = {
          name =  "super wizard"
          access_level = "ro"
       } 
}

Argument Reference

The following arguments are supported:

  • name - (Required) - (String) - Name of the user group
  • description - (Optional, Default = none) - (String) - Description the user group
  • password_expire_time - (Optional, Default = none) - (UInt) - Members of this group must renew their passwords after this number of days.To disable password expiry for the group set this to 0 (zero). Note that this setting applies only to local users.
  • timeout - (Optional, Default = 30) - (UInt) - Inactive UI sessions will timeout after this number of seconds. To disable inactivity timeouts for the group set this to 0 (zero).
  • permission - (Set) - A pair of a name and an access_level defining which level of permission this group has for a specific configuration element configuration elements. Multiple of these can be set per user group as per the example.
    • name - (Required) - (String) - Configuration element to which this group has a level of permission.
    • access_level - (Required) - (String) - Permission level for the configuration element (none, ro or full)

Resource References

API 3.8

API 5.1

Clone this wiki locally