A network rbac is a Role-Based Access Control (RBAC) policy for network resources. It enables both operators and users to grant access to network resources for specific projects.
Network v2
Create network RBAC policy
os network rbac create
--type <type>
--action <action>
--target-project <target-project> [--target-project-domain <target-project-domain>]
[--project <project> [--project-domain <project-domain>]]
<rbac-policy>
Type of the object that RBAC policy affects (“qos_policy” or “network”) (required)
Action for the RBAC policy (“access_as_external” or “access_as_shared”) (required)
The project to which the RBAC policy will be enforced (name or ID) (required)
Domain the target project belongs to (name or ID). This can be used in case collisions between project names exist.
The owner project (name or ID)
Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
The object to which this RBAC policy affects (name or ID for network objects, ID only for QoS policy objects)
Delete network RBAC policy(s)
os network rbac delete
<rbac-policy> [<rbac-policy> ...]
RBAC policy(s) to delete (ID only)
Set network RBAC policy properties
os network rbac set
[--target-project <target-project> [--target-project-domain <target-project-domain>]]
<rbac-policy>
The project to which the RBAC policy will be enforced (name or ID)
Domain the target project belongs to (name or ID). This can be used in case collisions between project names exist.
RBAC policy to be modified (ID only)
Display network RBAC policy details
os network rbac show
<rbac-policy>
RBAC policy (ID only)