confluent iam rbac role-binding create

Description

Create a role binding.

confluent iam rbac role-binding create [flags]

Note

If you need to troubleshoot when setting up role bindings, it may be helpful to view audit logs on the fly to identify authorization events for specific principals, resources, or operations. For details, refer to Viewing audit logs on the fly.

Flags

    --role string            REQUIRED: Role name of the new role binding.
    --principal string       REQUIRED: Qualified principal name for the role binding.
    --cloud-cluster string   Cloud cluster ID for the role binding.
    --environment string     Environment ID for scope of role-binding create.
    --current-env            Use current environment ID for scope.
-o, --output string          Specify the output format as "human", "json", or "yaml". (default "human")
    --role string                         REQUIRED: Role name of the new role binding.
    --principal string                    REQUIRED: Qualified principal name for the role binding.
    --prefix                              Whether the provided resource name is treated as a prefix pattern.
    --resource string                     Qualified resource name for the role binding.
    --kafka-cluster-id string             Kafka cluster ID for the role binding.
    --schema-registry-cluster-id string   Schema Registry cluster ID for the role binding.
    --ksql-cluster-id string              ksqlDB cluster ID for the role binding.
    --connect-cluster-id string           Kafka Connect cluster ID for the role binding.
    --cluster-name string                 Cluster name to uniquely identify the cluster for role binding listings.
    --context string                      CLI context name.
-o, --output string                       Specify the output format as "human", "json", or "yaml". (default "human")

Global Flags

-h, --help            Show help for this command.
-v, --verbose count   Increase verbosity (-v for warn, -vv for info, -vvv for debug, -vvvv for trace).

Examples

Create a role binding for the principal giving it the CloudClusterAdmin role for the specified cluster and environment.

confluent iam rbac role-binding create --principal User:u-ab1234 --role CloudClusterAdmin --cloud-cluster lkc-ab123 --environment env-abcde

Create a role binding for the principal permitting it produce to the “users” topic.

confluent iam rbac role-binding create --principal User:appSA --role DeveloperWrite --resource Topic:users --kafka-cluster-id $KAFKA_CLUSTER_ID

See Also