confluent iam rbac role-binding create¶
Description¶
Create a role binding.
confluent iam rbac role-binding create [flags]
Note
If you need to troubleshoot when setting up role bindings, it may be helpful to view audit logs on the fly to identify authorization events for specific principals, resources, or operations. For details, refer to Viewing audit logs on the fly.
Flags¶
--role string REQUIRED: Role name of the new role binding.
--principal string REQUIRED: Qualified principal name for the role binding.
--cloud-cluster string Cloud cluster ID for the role binding.
--environment string Environment ID for scope of role-binding create.
--current-env Use current environment ID for scope.
-o, --output string Specify the output format as "human", "json", or "yaml". (default "human")
--role string REQUIRED: Role name of the new role binding.
--principal string REQUIRED: Qualified principal name for the role binding.
--prefix Whether the provided resource name is treated as a prefix pattern.
--resource string Qualified resource name for the role binding.
--kafka-cluster-id string Kafka cluster ID for the role binding.
--schema-registry-cluster-id string Schema Registry cluster ID for the role binding.
--ksql-cluster-id string ksqlDB cluster ID for the role binding.
--connect-cluster-id string Kafka Connect cluster ID for the role binding.
--cluster-name string Cluster name to uniquely identify the cluster for role binding listings.
--context string CLI context name.
-o, --output string Specify the output format as "human", "json", or "yaml". (default "human")
Global Flags¶
-h, --help Show help for this command.
-v, --verbose count Increase verbosity (-v for warn, -vv for info, -vvv for debug, -vvvv for trace).
Examples¶
Create a role binding for the principal giving it the CloudClusterAdmin role for the specified cluster and environment.
confluent iam rbac role-binding create --principal User:u-ab1234 --role CloudClusterAdmin --cloud-cluster lkc-ab123 --environment env-abcde
Create a role binding for the principal permitting it produce to the “users” topic.
confluent iam rbac role-binding create --principal User:appSA --role DeveloperWrite --resource Topic:users --kafka-cluster-id $KAFKA_CLUSTER_ID
See Also¶
- confluent iam rbac role-binding - Manage RBAC and IAM role bindings.