Security Commands
The CLI includes the following security commands:
Command | Description |
---|---|
| Adds a role to a principal in authorization system for role-based access control |
| Creates a role in authorization system for role-based access control |
| Drops a role from authorization system for role-based access control |
| Grants a principal privileges to perform certain actions on an authorizable. For namespaces, For artifacts and apps, <entity-id> is composed of the namespace, entity name, and version, such as <namespace-name>.<artifact-name>.<artifact-version> or <namespace-name>.<app-name>.<app-version>. Note: Metadata for versioned entities is not versioned, including entities such as applications, programs, schedules, and program runs. Additions to metadata in one version are reflected in all versions. For programs, <entity-id> includes the application name and the program type: <namespace-name>.<app-name>.<program-type>.<program-name>. <program-type> is one of mapreduce, service, spark, worker, or workflow. For datasets, <entity-id> is the namespace and entity names, such as <namespace-name>.<dataset-name>. Custom entities can be specified as hierarchical key-value pair with an optional type if the last key in hierarchy is not the type of the entity. For example a |
| Lists privileges for a principal |
| Lists all roles, optionally for a particular principal in an authorization system for role-based access control |
| Removes a role from a principal in authorization system for role-based access control |
| Revokes a principal's privileges to perform certain actions on an entity. For namespaces, For artifacts and apps, <entity-id> is composed of the namespace, entity name, and version, such as <namespace-name>.<artifact-name>.<artifact-version> or <namespace-name>.<app-name>.<app-version>. Note: Metadata for versioned entities is not versioned, including entities such as applications, programs, schedules, and program runs. Additions to metadata in one version are reflected in all versions. For programs, <entity-id> includes the application name and the program type: <namespace-name>.<app-name>.<program-type>.<program-name>. <program-type> is one of mapreduce, service, spark, worker, or workflow. For datasets, <entity-id> is the namespace and entity names, such as <namespace-name>.<dataset-name>. Custom entities can be specified as hierarchical key-value pair with an optional type if the last key in hierarchy is not the type of the entity. For example a |
| Revokes all privileges for all users on the entity. <entity> is of the form <entity-type>:<entity-id>, where <entity-type> is one of For namespaces, For artifacts and apps, <entity-id> is composed of the namespace, entity name, and version, such as <namespace-name>.<artifact-name>.<artifact-version> or <namespace-name>.<app-name>.<app-version>. Note: Metadata for versioned entities is not versioned, including entities such as applications, programs, schedules, and program runs. Additions to metadata in one version are reflected in all versions. For programs, <entity-id> includes the application name and the program type: <namespace-name>.<app-name>.<program-type>.<program-name>. <program-type> is one of mapreduce, service, spark, worker, or workflow. For datasets, <entity-id> is the namespace and entity names, such as <namespace-name>.<dataset-name>. Custom entities can be specified as hierarchical key-value pair with an optional type if the last key in hierarchy is not the type of the entity. For example a |
Created in 2020 by Google Inc.