Summary: Adding group CRUD by CLI
Test Plan:
```
Create a new group mapping for LDAP/OIDC
Usage:
yba groups create [flags]
Aliases:
create, add
Examples:
yba groups create -n <group-name> -c <auth_code> -role-resource-definition <role-resource-definition>
Flags:
-n, --name string [Required] Name of the group mapping. Use group name for OIDC and Group DN for LDAP.
-c, --auth_code string [Required] Authentication code of the group(LDAP/OIDC)
--role-resource-definition stringArray [Required] Role resource bindings to be added. Provide the following double colon (::) separated fields as key-value pairs:"role-uuid=<role-uuid>::allow-all=<true/false>::resource-type=<resource-type>::resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>". Role UUID is a required value. Allowed values for resource type are universe, role, user, other. If resource UUID list is empty, default for allow all is true. If the role given is a system role, resource type, allow all and resource UUID must be empty. Add multiple resource types for each role UUID using separate --role-resource-definition flags. Each binding needs to be added using a separate --role-resource-definition flag. Example: --role-resource-definition role-uuid=<role-uuid1>::resource-type=<resource-type1>::resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3> --role-resource-definition role-uuid=<role-uuid2>::resource-type=<resource-type1>::resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3> --role-resource-definition role-uuid=<role-uuid2>::resource-type=<resource-type2>::resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>
-h, --help help for create
Global Flags:
-a, --apiToken string YugabyteDB Anywhere api token.
--config string Config file, defaults to $HOME/.yba-cli.yaml
--debug Use debug mode, same as --logLevel debug.
--disable-color Disable colors in output. (default false)
-H, --host string YugabyteDB Anywhere Host (default "http://localhost:9000")
-l, --logLevel string Select the desired log level format. Allowed values: debug, info, warn, error, fatal. (default "info")
-o, --output string Select the desired output format. Allowed values: table, json, pretty. (default "table")
--timeout duration Wait command timeout, example: 5m, 1h. (default 168h0m0s)
--wait Wait until the task is completed, otherwise it will exit immediately. (default true)
```
```
Update group mapping for LDAP/OIDC
Usage:
yba groups update [flags]
Aliases:
update, modify, edit
Examples:
yba groups update -n <group-name> --role-resource-definition <role-resource-definition>
Flags:
-n, --name string [Required] Name of the group to update.
--role-resource-definition stringArray [Optional] Set the exact list of roles-definitions for the group, replacing any existing roles.
Provide the following double colon (::) separated fields as key-value pairs:
"role-uuid=<role-uuid>::allow-all=<true/false>::resource-type=<resource-type>::
resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>".
Role UUID is a required value.
Allowed values for resource type are universe, role, user, other.
If resource UUID list is empty, allow all is set to true.
If the role given is a system role, resource type, allow all and
resource UUID must be empty.
Add multiple resource types for each role UUID
using separate --role-resource-definition flags.
Each binding needs to be added using a separate --role-resource-definition flag.
Example: --role-resource-definition
role-uuid=<role-uuid1>::resource-type=<resource-type1>::
resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>
--role-resource-definition
role-uuid=<role-uuid2>::resource-type=<resource-type1>::
resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>
--role-resource-definition
role-uuid=<role-uuid2>::resource-type=<resource-type2>::
resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>
--add-role-resource-definition stringArray [Optional] Add one or more role-resource-definitions to the group. Input format is same as --role-resource-definition.
Example: --add-role-resource-definition role-uuid=<role-uuid1>::resource-type=<resource-type1>::
resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>
--add-role-resource-definition role-uuid=<role-uuid2>::resource-type=<resource-type1>::
resource-uuid=<resource-uuid1>,<resource-uuid2>,<resource-uuid3>
--remove-roles strings [Optional] Remove one or more roles from the group.
Example: --remove-roles role1,role2 or --remove-roles role1 --remove-roles role2.
-h, --help help for update
Global Flags:
-a, --apiToken string YugabyteDB Anywhere api token.
--config string Config file, defaults to $HOME/.yba-cli.yaml
--debug Use debug mode, same as --logLevel debug.
--disable-color Disable colors in output. (default false)
-H, --host string YugabyteDB Anywhere Host (default "http://localhost:9000")
-l, --logLevel string Select the desired log level format. Allowed values: debug, info, warn, error, fatal. (default "info")
-o, --output string Select the desired output format. Allowed values: table, json, pretty. (default "table")
--timeout duration Wait command timeout, example: 5m, 1h. (default 168h0m0s)
--wait Wait until the task is completed, otherwise it will exit immediately. (default true)
```
```
Delete a group for LDAP/OIDC
Usage:
yba groups delete [flags]
Aliases:
delete, remove
Examples:
yba groups delete -n <group-name>
Flags:
-n, --name string [Required] Name of the group to be deleted
-h, --help help for delete
Global Flags:
-a, --apiToken string YugabyteDB Anywhere api token.
--config string Config file, defaults to $HOME/.yba-cli.yaml
--debug Use debug mode, same as --logLevel debug.
--disable-color Disable colors in output. (default false)
-H, --host string YugabyteDB Anywhere Host (default "http://localhost:9000")
-l, --logLevel string Select the desired log level format. Allowed values: debug, info, warn, error, fatal. (default "info")
-o, --output string Select the desired output format. Allowed values: table, json, pretty. (default "table")
--timeout duration Wait command timeout, example: 5m, 1h. (default 168h0m0s)
--wait Wait until the task is completed, otherwise it will exit immediately. (default true)
```
```
List YugabyteDB Anywhere group mappings
Usage:
yba groups list [flags]
Aliases:
list, ls
Examples:
yba groups list
Flags:
-n, --name string [Optional] Name of the group mapping. Use group name for OIDC and Group DN for LDAP.
-c, --auth_code string [Optional] Authentication code of the group mapping. Use LDAP or OIDC.
-h, --help help for list
Global Flags:
-a, --apiToken string YugabyteDB Anywhere api token.
--config string Config file, defaults to $HOME/.yba-cli.yaml
--debug Use debug mode, same as --logLevel debug.
--disable-color Disable colors in output. (default false)
-H, --host string YugabyteDB Anywhere Host (default "http://localhost:9000")
-l, --logLevel string Select the desired log level format. Allowed values: debug, info, warn, error, fatal. (default "info")
-o, --output string Select the desired output format. Allowed values: table, json, pretty. (default "table")
--timeout duration Wait command timeout, example: 5m, 1h. (default 168h0m0s)
--wait Wait until the task is completed, otherwise it will exit immediately. (default true)
```
Reviewers: dkumar
Reviewed By: dkumar
Differential Revision: https://phorge.dev.yugabyte.com/D42783
