acl show

Syntax

An ACL contains the list of users who can perform specific actions.

CLI

/opt/mapr/bin/maprcli acl show
     -type object type [cluster|volume|securitypolicy] 
	[ -name name ]
	[ -cluster cluster name ]
	[ -user userName whose ACL is queried ]
	[ -group groupName whose ACL is queried ]
	[ -output output format short|long|terse (default short). default: short ]
	[ -perm list of available permissions Parameter takes no value  ]

REST

Request Type	GET
Request URL	`http[s]://<host>:<port>/rest/acl/show?<parameters>`

Parameters

Parameter	Description
cluster	The name of the cluster on which to run the command.
group	The group for which to display permissions.
name	The cluster or volume name.
output	The output format: long short terse The default format is `short`.
perm	When you specify this option, `acl show` displays the permissions available for the object type specified in the `type` parameter.
type	Value can be one of `cluster` or `volume`. If type is `volume`, the volume `name` is required.
user	The user for whom to display permissions.

Output

The actions that each user or group is allowed to perform on the cluster or the specified volume. For information about each allowed action, see acl.

Principal   Allowed actions     
User root   [login, ss, cv, a, fc]  
Group root  [login, ss, cv, a, fc]  
All users   [login]

Examples

Show the ACL for the cluster:

CLI

# /opt/mapr/bin/maprcli acl show -type cluster -json
{
	"timestamp":1555494572399,
	"timeofday":"2019-04-17 02:49:32.399 GMT-0700 AM",
	"status":"OK",
	"total":2,
	"data":[
		{
			"Principal":"User mapr",
			"Allowed actions":"[login, ss, cv, a, fc, cp]"
		},
		{
			"Principal":"User root",
			"Allowed actions":"[login, ss, cv, a, fc, cp]"
		}
	]
}

REST

curl -u mapr:mapr -X GET -k "https://host:8443/rest/acl/show?type=cluster"
{"timestamp":1555494852652,"timeofday":"2019-04-17 02:54:12.652 GMT-0700 AM","status":"OK","total":2,"data":[{"Principal":"User mapr","Allowed actions":"[login, ss, cv, a, fc, cp]"},{"Principal":"User root","Allowed actions":"[login, ss, cv, a, fc, cp]"}]}

Show the ACL for "test-volume":

CLI

# /opt/mapr/bin/maprcli acl show -type volume -name sampleVol1
Allowed actions               Principal  
[dump, restore, m, a, d, fc]  User mapr  
[dump, restore, m, d, fc]     User foo   
[dump, restore, a]            User bar   
[m, d]                        User abc

REST

# curl -u mapr:mapr -X GET -k "https://host:8443/rest/acl/show?type=volume&name=sampleVol1"
{"timestamp":1525461068100,"timeofday":"2018-05-04 12:11:08.100 GMT-0700 PM","status":"OK","total":4,"data":[{"Principal":"User mapr","Allowed actions":"[dump, restore, m, a, d, fc]"},{"Principal":"User foo","Allowed actions":"[dump, restore, m, d, fc]"},{"Principal":"User bar","Allowed actions":"[dump, restore, a]"},{"Principal":"User abc","Allowed actions":"[m, d]"}]}

Show the permissions that can be set on a cluster:

CLI

# /opt/mapr/bin/maprcli acl show -type cluster -perm
Permissions  Description                         
login        Login access                        
ss           Start/stop services in the cluster  
cv           Create volumes                      
a            Administrator                       
fc           Full control                        
cp           Create security policies

REST

# curl -u mapr:mapr -X GET -k "https://host:8443/rest/acl/show?type=cluster&perm"
{"timestamp":1555497261931,"timeofday":"2019-04-17 03:34:21.931 GMT-0700 AM","status":"OK","total":6,"data":[{"Permissions":"login","Description":"Login access"},{"Permissions":"ss","Description":"Start/stop services in the cluster"},{"Permissions":"cv","Description":"Create volumes"},{"Permissions":"a","Description":"Administrator"},{"Permissions":"fc","Description":"Full control"},{"Permissions":"cp","Description":"Create security policies"}]}