IBM Cloud Private CLI iam commands (iam)
Learn about the cloudctl iam commands that you can run to manage your API keys, IDs, and service policies.
cloudctl iam
- cloudctl iam roles
- cloudctl iam saml-disable
- cloudctl iam saml-enable
- cloudctl iam saml-export-metadata
- cloudctl iam saml-status
- cloudctl iam saml-upload-metadata
- cloudctl iam service-api-key
- cloudctl iam service-api-key-create
- cloudctl iam service-api-key-delete
- cloudctl iam service-api-key-update
- cloudctl iam service-api-keys
- cloudctl iam service-id
- cloudctl iam service-id-create
- cloudctl iam service-id-delete
- cloudctl iam service-id-update
- cloudctl iam service-ids
- cloudctl iam service-policies
- cloudctl iam service-policy
- cloudctl iam service-policy-create
- cloudctl iam service-policy-delete
- cloudctl iam service-policy-update
- cloudctl iam services
cloudctl iam roles
cloudctl iam roles - List roles
Example
cloudctl iam roles
cloudctl iam saml-disable
cloudctl iam saml-disable - Disable SAML authentication
Example
cloudctl iam saml-disable
cloudctl iam saml-enable
cloudctl iam saml-enable - Enable SAML authentication
Example
cloudctl iam saml-enable
cloudctl iam saml-export-metadata
cloudctl iam saml-export-metadata - Export the SAML metadata content to create a SAML integration. Requires SAML to be enabled with 'cloudctl iam saml-enable'.
Example
cloudctl iam saml-export-metadata [--file SAML_XML_FILE]
PARAMETERS:
--file value, -f value Write the SAML metadata content to file.
cloudctl iam saml-status
cloudctl iam saml-status - Get the SAML configuration status.
Example
cloudctl iam saml-status
cloudctl iam saml-upload-metadata
cloudctl iam saml-upload-metadata - Upload SAML metadata content to complete the SAML integration.
Example
cloudctl iam saml-upload-metadata --file SAML_XML_FILE
PARAMETERS:
--file value, -f value Read the SAML metadata content from file.
cloudctl iam service-api-key
cloudctl iam service-api-key - List details of a service API key
Example
cloudctl iam service-api-key NAME SERVICE_ID_NAME [--uuid]
PARAMETERS:
--uuid Display only uuid
cloudctl iam service-api-key-create
cloudctl iam service-api-key-create - Create a service API key
Example
cloudctl iam service-api-key-create NAME SERVICE_ID_NAME [-d, --description DESCRIPTION] [-f, --file FILE]
PARAMETERS:
-d value, --description value Description of the API key
-f value, --file value Save API key information to specified file. If not set, the JSON content will be displayed.
cloudctl iam service-api-key-delete
cloudctl iam service-api-key-delete - Delete a service API key
Example
cloudctl iam service-api-key-delete NAME SERVICE_ID_NAME [-f, --force]
PARAMETERS:
-f, --force Delete without confirmation
cloudctl iam service-api-key-update
cloudctl iam service-api-key-update - Update a service API key
Example
cloudctl iam service-api-key-update NAME SERVICE_ID_NAME [-n, --name NEW_NAME] [-d, --description DESCRIPTION] [-f, --force]
PARAMETERS:
-n value, --name value New name of the service API key
-d value, --description value New description of the service API key
-f, --force Update without confirmation
cloudctl iam service-api-keys
cloudctl iam service-api-keys - List all API keys of a service
Example
cloudctl iam service-api-keys SERVICE_ID_NAME
cloudctl iam service-id
cloudctl iam service-id - Display details of a service ID
Example
cloudctl iam service-id NAME [--uuid]
PARAMETERS:
--uuid Display the UUID of the service ID
cloudctl iam service-id-create
cloudctl iam service-id-create - Create a service ID
Example
cloudctl iam service-id-create NAME [-d, --description DESCRIPTION]
PARAMETERS:
-d value, --description value Description of the service ID
cloudctl iam service-id-delete
cloudctl iam service-id-delete - Delete a service ID
Example
cloudctl iam service-id-delete NAME [-f, --force]
PARAMETERS:
-f, --force Delete without confirmation
cloudctl iam service-id-update
cloudctl iam service-id-update - Update a service ID
Example
cloudctl iam service-id-update NAME [-n, --name NEW_NAME] [-d, --description DESCRIPTION] [-f, --force]
PARAMETERS:
-n value, --name value New name of the service ID
-d value, --description value New description of the service ID
-f, --force Update without confirmation
cloudctl iam service-ids
cloudctl iam service-ids - List all service IDs.
Example
cloudctl iam service-ids --uuid
PARAMETERS:
--uuid Show UUID of service IDs only.
cloudctl iam service-policies
cloudctl iam service-policies - List all service policies of specified service
Example
cloudctl iam service-policies SERVICE_ID_NAME [--json] [-f, --force]
PARAMETERS:
--json Display policy in JSON format
-f, --force Display service policies without confirmation
cloudctl iam service-policy
cloudctl iam service-policy - Display details of a service policy
Example
cloudctl iam service-policy SERVICE_ID_NAME POLICY_ID [--json] [-f, --force]
PARAMETERS:
--json Display policy in JSON format
-f, --force Display service policy without confirmation
cloudctl iam service-policy-create
cloudctl iam service-policy-create - Create a service policy
Example
cloudctl iam service-policy-create SERVICE_ID_NAME {-r, --roles ROLE_NAME1,ROLE_NAME2... [--service-name SERVICE_NAME]} [-f, --force]
PARAMETERS:
-r value, --roles value Role names of the policy definition. For supported roles, run cloudctl iam roles.
--service-name value Service name of the policy definition.
-f, --force Create service policy without confirmation
cloudctl iam service-policy-delete
cloudctl iam service-policy-delete - Delete a service policy
Example
cloudctl iam service-policy-delete SERVICE_ID_NAME POLICY_ID [-f, --force]
PARAMETERS:
-f, --force Delete without confirmation
cloudctl iam service-policy-update
cloudctl iam service-policy-update - Update a service policy
Example
cloudctl iam service-policy-update SERVICE_ID_NAME POLICY_ID {[-r, --roles ROLE_NAME1,ROLE_NAME2...] [--service-name SERVICE_NAME]} [-f, --force]
PARAMETERS:
-r value, --roles value Role names of the policy definition. For supported roles, run cloudctl iam roles.
--service-name value Service name of the policy definition.
-f, --force Update service policy without confirmation
cloudctl iam services
cloudctl iam services - List services
Example
cloudctl iam services